Description
WordPress Plugin Simply Show Hooks contains malicous code. Exploiting this issue may allow an attacker to create a new administrative user account, thus compromising the affected application, and possibly the webserver or computer. WordPress Plugin Simply Show Hooks version 1.2.1 is affected; prior versions may also be affected.
Remediation
Disable and remove the plugin until a fix is available
References
Related Vulnerabilities
WordPress Plugin 2Way VideoCalls and Random Chat-HTML5 Webcam Videochat Cross-Site Scripting (4.41)
WordPress Plugin ReviewX-Multi-criteria Rating & Reviews for WooCommerce SQL Injection (1.6.8)
WordPress Plugin Ultimate TinyMCE 'swfupload.swf' Cross-Site Scripting (3.5)
OpenSSL Resource Management Errors Vulnerability (CVE-2010-2939)