Description
WordPress Plugin AccessPress iFeeds [only if downloaded via the vendor website] contains suspicious code. Attackers can exploit this issue to perform a variety of actions. Successful attacks will compromise the affected application and possibly the webserver or computer. WordPress Plugin AccessPress iFeeds version 4.0.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 4.0.4 or latest
References
Related Vulnerabilities
WordPress Plugin Page Visit Counter SQL Injection (4.0.9)
OpenVPN AS Improper Authentication Vulnerability (CVE-2020-15077)
WordPress Plugin Dropshix Security Bypass (4.0.13)
Joomla CVE-2017-7988 Vulnerability (CVE-2017-7988)
WordPress Plugin Clicky by Yoast Multiple Cross-Site Scripting Vulnerabilities (1.5)