- WordPress Plugin 1 Flash Gallery is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible. WordPress Plugin 1 Flash Gallery version 1.5.7 is vulnerable; prior versions may also be affected.
- Update to plugin version 1.5.8 or latest
- WordPress Plugin OptinMonster-Best WordPress Popup and Lead Generation Security Bypass (18.104.22.168)
- WordPress Plugin Shopping Cart Multiple SQL Injection and Arbitrary File Upload Vulnerabilities (8.1.14)
- WordPress Plugin Twitter Cards Meta Multiple Vulnerabilities (2.4.5)
- WordPress Plugin Live Streaming/Broadcast Live Video PHP Object Injection (4.67.8)
- WordPress Plugin WP No External Links Cross-Site Scripting (3.5.18)