Description
WordPress Plugin WP Popup Lite-Responsive popup for WordPress [only if downloaded via the vendor website] contains suspicious code. Attackers can exploit this issue to perform a variety of actions. Successful attacks will compromise the affected application and possibly the webserver or computer. WordPress Plugin WP Popup Lite-Responsive popup for WordPress version 1.0.8 is vulnerable; prior versions may also be affected.
Remediation
Disable and remove the plugin, or download it from wordpress.org repository
References
Related Vulnerabilities
Oracle JRE CVE-2014-0457 Vulnerability (CVE-2014-0457)
WordPress 4.4.x Arbitrary File Deletion Vulnerability (4.4 - 4.4.15)
WordPress 3.7.x Prototype Pollution (3.7 - 3.7.37)
Bitcoin/Altcoin Faucet Cross-Site Request Forgery (1.6.0)
Widgets for WooCommerce Products on Elementor Cross-Site Scripting (1.0.7)