Description
WordPress Plugin WP No External Links is injecting spam into the website's content, thus publicizing content to normal site visitors or to search engines without the authorization of the website's owner. WordPress Plugin WP No External Links version 4.2.2 is vulnerable; prior versions may also be affected.
Remediation
Disable the plugin until a fix is available
References
Related Vulnerabilities
Drupal Numeric Errors Vulnerability (CVE-2007-5416)
MongoDb Improper Authentication Vulnerability (CVE-2014-8180)
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.27)
Atlassian Jira Missing Authorization Vulnerability (CVE-2017-18101)
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-7838)