- Joomla! 1.6.x/1.7.x/2.5.0-2.5.2 suffers from a privilege escalation vulnerability that allows users to be registered into any group not having 'core.admin' privileges.
- Joomla! versions 1.0.x, 1.5.x, and 2.5.3+ are not vulnerable. No patch has been issued for 1.6.x or 1.7.x and users of these versions are strongly urged to upgrade to 2.5.3 immediately.
- WordPress Plugin Yasr-Yet Another Stars Rating SQL Injection (0.9.0)
- WordPress Plugin RK Responsive Contact Form SQL Injection (1.0.0)
- WordPress Plugin Appointment Booking Calendar SQL Injection (1.1.23)
- WordPress Plugin Party Hall Booking Manager SQL Injection (1.1)
- WordPress Plugin Menu Creator 'updateSortOrder.php' SQL Injection (1.1.7)