WordPress Plugin TablePress XML External Entity Injection (1.8)
Description
WordPress Plugin TablePress is prone to an XML External Entity injection vulnerability. Attackers can exploit this issue to gain access to sensitive information or cause Denial-of-Service condition. WordPress Plugin TablePress version 1.8 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.8.1 or latest