Description
WordPress Plugin AccessPress Social Counter [only if downloaded via the vendor website] contains suspicious code. Attackers can exploit this issue to perform a variety of actions. Successful attacks will compromise the affected application and possibly the webserver or computer. WordPress Plugin AccessPress Social Counter version 1.9.1 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.9.2 or latest
References
Related Vulnerabilities
WordPress Plugin ClinicalWP Core Cross-Site Scripting (1.0.5)
WordPress Plugin Events Made Easy Cross-Site Scripting (2.2.23)
WordPress Plugin Stripe Payment for WooCommerce Security Bypass (3.7.7)
WordPress Plugin EMC2 Custom Help Videos Cross-Site Scripting (1.2)
WordPress Plugin Oi Yandex.Maps for WordPress Cross-Site Scripting (3.2.7)