Description
WordPress Plugin AccessAlly is prone to a vulnerability that lets remote attackers execute arbitrary code because the application fails to sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary PHP code within the context of the affected webserver process. WordPress Plugin AccessAlly version 3.3.1 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.3.2 or latest