- WordPress Plugin CIP4 Folder Download Widget is prone to a local file inclusion vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin CIP4 Folder Download Widget version 1.10 is vulnerable; prior versions may also be affected.
- Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available
- WordPress Plugin WooCommerce Products Filter Multiple Vulnerabilities (1.1.9)
- WordPress Plugin WP-reCAPTCHA Cross-Site Scripting (3.1.3)
- WordPress Plugin Downloads Manager 'upload.php' Arbitrary File Upload (0.2)
- WordPress Plugin Hide Featured Image Unspecified Vulnerability (1.1)
- WordPress Plugin Admin Font Editor Cross-Site Scripting (1.8)