Description
WordPress Plugin Event Single Page Templates Addon For The Events Calendar is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently download and extract a remote ZIP file on the blog, which can lead to remote code execution. WordPress Plugin Event Single Page Templates Addon For The Events Calendar version 1.5 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.6 or latest
References
Related Vulnerabilities
WordPress Plugin Print My Blog-Print, PDF, & eBook Converter Server-Side Request Forgery (1.6.5)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-6113)
WordPress Plugin Share Posts To Email Cross-Site Scripting (1.0.2)
WordPress Plugin YITH WooCommerce Questions and Answers Security Bypass (1.1.9)