Description
WordPress Plugin AccessPress iFeeds [only if downloaded via the vendor website] contains suspicious code. Attackers can exploit this issue to perform a variety of actions. Successful attacks will compromise the affected application and possibly the webserver or computer. WordPress Plugin AccessPress iFeeds version 4.0.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 4.0.4 or latest
References
Related Vulnerabilities
WordPress Plugin Advanced Forms for ACF Pro Security Bypass (1.6.8)
WordPress Plugin Thrive Clever Widgets Security Bypass (1.56)
IBM WebSEAL Improper Input Validation Vulnerability (CVE-2021-20496)
WordPress Plugin ComicPress Manager 'lang' Parameter Cross-Site Scripting (1.4.9.9)
WordPress Plugin Import all XML, CSV & TXT into WordPress Arbitrary File Disclosure (3.7)