Joomla! 1.6.x/1.7.x/2.5.0-2.5.2 suffers from a privilege escalation vulnerability that allows users to be registered into any group not having 'core.admin' privileges.
Joomla! versions 1.0.x, 1.5.x, and 2.5.3+ are not vulnerable. No patch has been issued for 1.6.x or 1.7.x and users of these versions are strongly urged to upgrade to 2.5.3 immediately.
WordPress Plugin Rockhoist Ratings SQL Injection (1.2.1)
WordPress Plugin WP Support Plus Responsive Ticket System SQL Injection (7.1.4)
WordPress 4.0.x Possible SQL Injection Vulnerability (4.0 - 4.0.19)
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions SQL Injection (2.6.6)