Description
WordPress Plugin Responsive Media Gallery for WordPress-Everest Gallery Lite [only if downloaded via the vendor website] contains suspicious code. Attackers can exploit this issue to perform a variety of actions. Successful attacks will compromise the affected application and possibly the webserver or computer. WordPress Plugin Responsive Media Gallery for WordPress-Everest Gallery Lite version 1.0.8 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.0.9 or latest
References
Related Vulnerabilities
Perl Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-1238)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-0682)
TYPO3 Improper Input Validation Vulnerability (CVE-2009-0258)
WordPress Plugin AJAX Random Post Cross-Site Scripting (2.00)
WordPress Plugin demon image annotation Cross-Site Request Forgery (4.7)