Description
WordPress Plugin PHP Speedy is prone to a vulnerability that lets remote attackers execute arbitrary code because the application fails to sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary PHP code within the context of the affected webserver process. WordPress Plugin PHP Speedy versions 0.5.2 and prior are vulnerable; other versions may also be affected.
Remediation
Edit the source code to ensure that input is properly sanitised and verified or disable the plugin until a fix is available
References
Related Vulnerabilities
WordPress Plugin Pardakht Delkhah Cross-Site Scripting (2.9.2)
WordPress Plugin Quiz And Survey Master-Best Quiz, Exam and Survey Cross-Site Scripting (7.1.13)
Python Uncontrolled Search Path Element Vulnerability (CVE-2017-20052)
WordPress Plugin Responsive Category Slider Cross-Site Scripting (1.0)