WordPress Plugin Insert PHP PHP Code Injection (1.3)

Description
  • WordPress Plugin Insert PHP is prone to a vulnerability that lets attackers inject and execute arbitrary code because the application fails to sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary PHP code within the context of the affected webserver process. WordPress Plugin Insert PHP version 1.3 is vulnerable; prior versions may also be affected.
Remediation
  • Disable the plugin until a fix is available
References