Description
WordPress Plugin Form Store to DB [only if downloaded via the vendor website] contains suspicious code. Attackers can exploit this issue to perform a variety of actions. Successful attacks will compromise the affected application and possibly the webserver or computer. WordPress Plugin Form Store to DB version 1.0.9 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.1.0 or latest
References
Related Vulnerabilities
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1975)
WordPress Plugin Quiz Maker Multiple SQL Injection Vulnerabilities (6.2.0.8)
WordPress Plugin Handsome Testimonials & Reviews SQL Injection (2.0.7)
WordPress Plugin Related Sites 'guid' Parameter SQL Injection (2.1)