Description
WordPress Plugin Simply Show Hooks contains malicous code. Exploiting this issue may allow an attacker to create a new administrative user account, thus compromising the affected application, and possibly the webserver or computer. WordPress Plugin Simply Show Hooks version 1.2.1 is affected; prior versions may also be affected.
Remediation
Disable and remove the plugin until a fix is available
References
Related Vulnerabilities
Oracle Database Server CVE-2015-4753 Vulnerability (CVE-2015-4753)
WordPress Plugin FormBuilder Cross-Site Scripting (0.90)
WordPress Plugin Alpine PhotoTile for Instagram Cross-Site Scripting (1.2.7.5)
WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.3.13.727)
Elgg Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3733)