Description
WordPress Plugin WP Server Health Stats contains malicous code. Exploiting this issue may allow an attacker to create a new administrative user account, thus compromising the affected application, and possibly the webserver or computer. WordPress Plugin WP Server Health Stats version 1.7.6 is affected.
Remediation
Update to plugin version 1.7.8 or latest
References
Related Vulnerabilities
WordPress Plugin Cool Video Gallery Cross-Site Request Forgery (1.8)
WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Cross-Site Scripting (5.0.6)
WordPress Plugin Activity Log Cross-Site Scripting (2.3.1)
MySQL CVE-2021-2352 Vulnerability (CVE-2021-2352)
MongoDb Improper Input Validation Vulnerability (CVE-2015-1609)