Description
WordPress Plugin No Follow All External Links is injecting spam into the website's content, thus publicizing content to normal site visitors or to search engines without the authorization of the website's owner. WordPress Plugin No Follow All External Links version 2.3.0 is vulnerable; prior versions may also be affected.
Remediation
Disable the plugin until a fix is available
References
Related Vulnerabilities
WordPress Plugin Duplicate Theme Unspecified Vulnerability (0.1.4)
Contao Improper Privilege Management Vulnerability (CVE-2021-37627)
WordPress Plugin Google Doc Embedder Cross-Site Scripting (2.5.18)
WebLogic CVE-2019-2646 Vulnerability (CVE-2019-2646)
WordPress Plugin NextScripts:Social Networks Auto-Poster Cross-Site Scripting (4.3.20)