Description

WordPress Plugin WordPress Custom Global Variable is prone to an unspecified vulnerability. No available information exists regarding this issue and it's impact on a vulnerable website. WordPress Plugin WordPress Custom Global Variable version 3.0.0 is vulnerable; prior versions may also be affected.

Remediation

Disable the plugin until a fix is available

References

https://wordpress.org/plugins/wp-global-variable/#description

Related Vulnerabilities

WordPress Plugin Insert Html Snippet Cross-Site Request Forgery (1.2)

WordPress Plugin Media File Renamer-Auto & Manual Rename Cross-Site Scripting (1.7.0)

WordPress Plugin Pricing Table by Supsystic Multiple Vulnerabilities (1.8.1)

WordPress Plugin Wp Cookie Choice Cross-Site Request Forgery (1.1.0)

Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-11581)

Severity

High

Tags

Missing Update