The Product Feed Manager plugin for WordPress has a security vulnerability in all versions up to 7.3.15. This vulnerability allows anyone with an administrator-level account on the server to include any file they want, which could lead to remote code execution.