Description
WordPress Plugin CTA for WordPress-Easy Side Tab [only if downloaded via the vendor website] contains suspicious code. Attackers can exploit this issue to perform a variety of actions. Successful attacks will compromise the affected application and possibly the webserver or computer. WordPress Plugin CTA for WordPress-Easy Side Tab version 1.0.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.0.8 or latest
References
Related Vulnerabilities
WordPress Plugin Alojapro Widget Cross-Site Scripting (1.1.15)
WordPress Plugin Flip Slideshow Cross-Site Scripting (2.2)
WordPress Plugin Welcart e-Commerce PHP Object Injection (1.9.9)
WordPress Plugin All-in-One WP Migration Security Bypass (2.0.4)
Oracle Database Server CVE-2011-0785 Vulnerability (CVE-2011-0785)