- WordPress Plugin Ajax Store Locator is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Ajax Store Locator version 1.2.0 is vulnerable; prior versions may also be affected.
- Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available
- WordPress 2.0.1 Denial of Service Vulnerability (0.6.2 - 2.0.1 )
- WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.13)
- WordPress Plugin GEO my WordPress Unspecified Vulnerability (220.127.116.11)
- WordPress 4.5.x Same Origin Method Execution (SOME) Vulnerability (4.5 - 4.5.1)
- Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.8)