- WordPress Plugin Booking Calendar is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Booking Calendar version 7.0 is vulnerable; prior versions may also be affected.
- Update to plugin version 7.1 or latest
- WordPress Plugin Google Analytics Top Content Widget Cross-Site Scripting (1.5.6)
- Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.27)
- WordPress Plugin WP eCommerce 'wpsc-transaction_results_functions.php' SQL Injection (22.214.171.124)
- WordPress Plugin Disc Golf Manager PHP Object Injection (1.0.0)
- WordPress 2.6.3 Cross-Site Scripting Vulnerability (0.6.2 - 2.6.3)