WordPress jRSS Widget Plugin 1.1.1 - Information Disclosure Vulnerability
This jRSS Widget plugin is prone to an information-disclosure vulnerability. Application fails to validate user-supplied data. Because of this issue, an attacker can view local files in the context of the affected application. In that way, the attacker obtains sensitive information. Other attacks are also possible.