- WordPress Plugin Advanced Custom Fields is prone to a remote file include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. WordPress Plugin Advanced Custom Fields version 3.5.1 is vulnerable; prior versions may also be affected.
- Update to plugin version 3.5.2 or latest
- WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.7)
- WordPress Plugin Photo Gallery by WD-Responsive Photo Gallery Unspecified Vulnerability (1.3.66)
- WordPress Plugin Import any XML or CSV File to WordPress Pro Multiple Vulnerabilities (4.1.1)
- WordPress Plugin Polldaddy Polls & Ratings Cross-Site Request Forgery (2.0.20)
- WordPress Plugin Count per Day Multiple Vulnerabilities (3.5.6)