Description
WordPress Plugin CTA for WordPress-Easy Side Tab [only if downloaded via the vendor website] contains suspicious code. Attackers can exploit this issue to perform a variety of actions. Successful attacks will compromise the affected application and possibly the webserver or computer. WordPress Plugin CTA for WordPress-Easy Side Tab version 1.0.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.0.8 or latest
References
Related Vulnerabilities
WordPress Plugin QR Redirector Security Bypass (1.5)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2355)
Moodle Improper Input Validation Vulnerability (CVE-2012-0795)
WordPress Plugin Bug Library Cross-Site Scripting (1.4.2)
WordPress Plugin Woocommerce Products Price Bulk Edit Cross-Site Scripting (2.2.0)