Description
WordPress Plugin Free Responsive Post/Article Author Section for WordPress-Ultimate Author Box Lite [only if downloaded via the vendor website] contains suspicious code. Attackers can exploit this issue to perform a variety of actions. Successful attacks will compromise the affected application and possibly the webserver or computer. WordPress Plugin Free Responsive Post/Article Author Section for WordPress-Ultimate Author Box Lite version 1.1.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.1.3 or latest
References
Related Vulnerabilities
WordPress Plugin Sports Rankings and Lists Cross-Site Scripting (3.5)
Lodash CVE-2018-3721 Vulnerability (CVE-2018-3721)
Python Uncontrolled Resource Consumption Vulnerability (CVE-2022-45061)
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9852)
WordPress Plugin WP-Live Chat by 3CX Cross-Site Request Forgery (8.0.37)