- The RealVNC server running on the remote host is susceptible to an authentication-bypass vulnerability. This issue is due to a flaw in the authentication process of the affected package. Exploiting this issue allows attackers to gain unauthenticated, remote access to the VNC servers.
- Upgrade RealVNC to the latest version.
- WordPress Plugin wpForo Forum Cross-Site Scripting (1.4.11)
- WordPress Plugin Relevanssi-A Better Search Cross-Site Scripting (4.0.4)
- WordPress Plugin Nmedia WordPress Member Conversation 'doupload.php' Arbitrary File Upload (1.3)
- WordPress Plugin History Collection Arbitrary File Download (1.1.1)
- WordPress Plugin Child Theme Creator by Orbisius Arbitrary File Modification (1.2.6)