Description
WordPress Plugin Responsive WordPress Timeline-Everest Timeline Lite [only if downloaded via the vendor website] contains suspicious code. Attackers can exploit this issue to perform a variety of actions. Successful attacks will compromise the affected application and possibly the webserver or computer. WordPress Plugin Responsive WordPress Timeline-Everest Timeline Lite version 1.1.1 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.1.2 or latest
References
Related Vulnerabilities
Apache Tomcat Data Processing Errors Vulnerability (CVE-2014-0227)
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-2202)
WordPress Plugin ALO EasyMail Newsletter Cross-Site Request Forgery (2.9.2)
WordPress Plugin WPFront User Role Editor Multiple Cross-Site Scripting Vulnerabilities (2.13)