- WordPress Plugin All in One Social Lite is prone to a server-side request forgery vulnerability. An attacker may leverage this issue to make the vulnerable server perform port scanning of hosts in internal or external networks; other attacks are also possible. WordPress Plugin All in One Social Lite version 1.0 is vulnerable.
- Edit the source code to ensure that input is properly validated or disable the plugin until a fix is available
- WordPress Plugin Ninja Forms-The Easy and Powerful Forms Builder Cross-Site Scripting (3.3.17)
- WordPress Plugin Special Text Boxes Unspecified Vulnerability (5.5.102)
- WordPress Plugin WP Live Chat Support Pro Unspecified Vulnerability (8.0.07)
- WordPress Plugin Events Manager Extended Multiple HTML Injection Vulnerabilities (3.1.2)
- WordPress Plugin Google Forms Cross-Site Scripting (0.84)