A Local File Inclusion vulnerability in the Nevma Adaptive Images plugin before 0.6.67 for WordPress allows remote attackers to retrieve arbitrary files via the $REQUEST[\'adaptive-images-settings\'][\'source_file\'] parameter in adaptive-images-script.php.