Description
WordPress Plugin Smartest Way To Design & Customize WordPress Comments & Comment Form-WP Comment Designer Lite [only if downloaded via the vendor website] contains suspicious code. Attackers can exploit this issue to perform a variety of actions. Successful attacks will compromise the affected application and possibly the webserver or computer. WordPress Plugin Smartest Way To Design & Customize WordPress Comments & Comment Form-WP Comment Designer Lite version 2.0.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.0.4 or latest
References
Related Vulnerabilities
WordPress Plugin Stockists Manager for Woocommerce Cross-Site Request Forgery (1.0.2.1)
WordPress Plugin Statistics Remote Code Execution (1.8)
WordPress Plugin eCommerce Product Catalog for WordPress Cross-Site Request Forgery (2.9.43)
WordPress Plugin Chat-Support Board-WordPress Chat Privilege Escalation (3.3.8)