- WordPress Plugin Annonces is prone to a remote file include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue could allow an attacker to compromise the application and the underlying system; other attacks are also possible. WordPress Plugin Annonces version 18.104.22.168 is vulnerable; prior versions may also be affected.
- Update to plugin version 22.214.171.124 or latest
- WordPress Plugin WooCommerce Export Orders and More Cross-Site Scripting (2.0.9)
- WordPress Plugin KNR Author List Widget 'listItem' Parameter SQL Injection (2.0.0)
- WordPress Plugin EditorMonkey Remote File Upload (2.5)
- WordPress Plugin WooCommerce Email Test Information Disclosure (1.5)
- WordPress Plugin Custom css-js-php Unspecified Vulnerability (2.0.2)