- WordPress Plugin Aspose DOC Exporter is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently verify user-supplied input. This may allow an attacker to gain access to sensitive information, which may aid in launching further attacks. WordPress Plugin Aspose DOC Exporter version 1.0 is vulnerable.
- Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available
- WordPress Plugin Ultimate Member-User Profile & Membership Cross-Site Scripting (1.2.3)
- WordPress Plugin AppPresser-Mobile App Framework Cross-Site Scripting (1.1.4)
- WordPress Plugin Shortcodes Ultimate Directory Traversal (4.9.9)
- WordPress Plugin Heat Trackr Cross-Site Scripting (1.0)
- WordPress Plugin Testimonials by BestWebSoft Cross-Site Scripting (0.1.8)