- WordPress Plugin Booking Calendar is prone to a directory traversal vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Booking Calendar version 7.0 is vulnerable; prior versions may also be affected.
- Update to plugin version 7.1 or latest
- WordPress Plugin Easing Slider Multiple Cross-Site Scripting Vulnerabilities (220.127.116.11)
- Drupal Core 5.x Cross-Site Scripting (5.0 - 5.2)
- WordPress Plugin Wp-FileManager 'ajaxfilemanager.php' Arbitrary File Upload (1.2)
- WordPress Plugin Advanced AJAX Page Loader Arbitrary File Upload (2.7.6)
- WordPress Plugin Ninja Forms-The Easy and Powerful Forms Builder Cross-Site Request Forgery (2.7.7)