CVE-2022-1391

Name of the Vulnerable Software and Affected Versions Cab fare calculator WordPress plugin versions prior to 1.0.4

Description The issue is related to the lack of validation of the controller parameter, which is used in require statements. This could lead to Local File Inclusion issues.

Recommendations For versions prior to 1.0.4, update to version 1.0.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable controller parameter to minimize the risk of exploitation.