- Drupal Core is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently conduct spam campains. Drupal Core versions 7.x ranging from 7.0 and up to and including 7.55 are vulnerable.
- Update to Drupal Core version 7.56 or latest
- WordPress Plugin Ninja Forms-The Easy and Powerful Forms Builder Multiple Cross-Site Scripting Vulnerabilities (2.9.21)
- WordPress Plugin Total Security Multiple Vulnerabilities (3.4)
- WordPress Plugin Hot Files:File Sharing and Download Manager Cross-Site Scripting (1.0.0)
- WordPress Plugin Post Grid PHP Object Injection (2.0.11)
- WordPress Plugin WooCommerce Checkout For Digital Goods Cross-Site Request Forgery (2.2)