Description
WordPress Plugin Beautiful Stat Counter for WordPress-Everest Counter Lite [only if downloaded via the vendor website] contains suspicious code. Attackers can exploit this issue to perform a variety of actions. Successful attacks will compromise the affected application and possibly the webserver or computer. WordPress Plugin Beautiful Stat Counter for WordPress-Everest Counter Lite version 2.0.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.0.8 or latest
References
Related Vulnerabilities
WordPress Plugin Kanzu Support Desk-WordPress Helpdesk Remote Code Execution (2.4.6)
WordPress Plugin WP Maintenance Mode Cross-Site Scripting (2.2.3)
WordPress Plugin Travelpayouts:All Travel Brands in One Place Cross-Site Request Forgery (1.0.16)
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.12)
WordPress Plugin Telefication Server-Side Request Forgery (1.8.0)