Local File Inclusion Security Threat

  • Resolved pmabraham

    (@pmabraham)


    2 years, 10 months ago

    Good day:

    I received a message from our hosting provider concerning a security issue with the Yet Another Related Posts Plugin:

    “Our security monitoring has alerted us to a vulnerable plugin running on your wordpress site nurse.2abraham.com with no update available.

    We recommend you disable and delete the following plugin based on the severity of this vulnerability until an update is released:
    WordPress Yet Another Related Posts Plugin (YARPP) plugin <= 5.30.3 – Local File Inclusion”

    Can you please fix the security issue?

    Thank you!

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Author YARPP

    (@jeffparker)

    2 years, 9 months ago

    Thank you for your patience.

    This issue has been patched in v5.30.5. Please upgrade to the latest version.

    The issue was limited to Windows servers and the user would have to have writing permission. If your server is Linux (most are), you were not affected at all. In any case, it is patched now.

Viewing 1 replies (of 1 total)

The topic ‘Local File Inclusion Security Threat’ is closed to new replies.