Description
WordPress Plugin Responsive Clients Logo Gallery for WordPress-Smart Logo Showcase Lite [only if downloaded via the vendor website] contains suspicious code. Attackers can exploit this issue to perform a variety of actions. Successful attacks will compromise the affected application and possibly the webserver or computer. WordPress Plugin Responsive Clients Logo Gallery for WordPress-Smart Logo Showcase Lite version 1.1.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.1.8 or latest
References
Related Vulnerabilities
WordPress Plugin ProfileGrid-User Profiles, Groups and Communities Unspecified Vulnerability (2.6.4)
Drupal Core 9.1.x Cross-Site Scripting (9.1.0 - 9.1.6)
Joomla Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-5671)
WordPress Uncontrolled Resource Consumption Vulnerability (CVE-2023-22622)