- The remote LDAP server allows anonymous binds. Anonymous binds (or NULL binds) permits an attacker to anonymously access information from the LDAP directory.
- If you are not using this service, it is recommended to disable it. Otherwise, it is recommended to disable anonymous binds.
- XML external entity injection via File Upload
- WordPress Plugin AlertWire Information Disclosure (1.1.1)
- WordPress Plugin Page Flip Image Gallery 'book_id' Parameter Remote File Disclosure (0.2.2)
- WordPress Plugin Image Export Arbitrary File Download (1.1.0)
- WordPress Plugin Count per Day Arbitrary File Download and Cross-Site Scripting Vulnerabilities (3.1)