- WordPress Plugin A/B Test is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin A/B Test version 1.0.6 is vulnerable; other versions may also be affected.
- Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available
- WordPress Plugin WP-Forum Multiple SQL Injection Vulnerabilities (2.3)
- WordPress Plugin Featurific For WordPress 'snum' Parameter Cross-Site Scripting (1.6.2)
- WordPress Plugin My Wish List Cross-Site Scripting (1.4.1)
- WordPress Plugin Display Widgets Spam Links Injection (18.104.22.168)
- WordPress Plugin Event Registration 'event_id' Parameter SQL Injection (5.32)