Description
WordPress Plugin AccessPress Custom CSS [only if downloaded via the vendor website] contains suspicious code. Attackers can exploit this issue to perform a variety of actions. Successful attacks will compromise the affected application and possibly the webserver or computer. WordPress Plugin AccessPress Custom CSS version 2.0.1 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.0.2 or latest
References
Related Vulnerabilities
PHP Out-of-bounds Read Vulnerability (CVE-2019-11041)
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.13)
WordPress Plugin Default Thumbnail Plus Arbitrary File Upload (1.0.2.3)
WordPress Plugin WebLibrarian Cross-Site Scripting (3.4.8.6)
Microsoft SQL Server CVE-2023-36420 Vulnerability (CVE-2023-36420)