Description
The WordPress plugin Free WordPress To Display Like/Dislike Comment Rating-Everest Comment Rating Lite contains suspicious code, but only in copies downloaded via the vendor website. Attackers can exploit this issue to perform a variety of actions. Successful attacks will compromise the affected application and possibly the web server or computer. Version 2.0.4 of the plugin is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.0.5 or the latest version.