- WordPress Plugin CM Download Manager is prone to a vulnerability that lets remote attackers inject and execute arbitrary code because the application fails to sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary code within the context of the affected webserver process; this may result in total compromise of the web server. WordPress Plugin CM Download Manager version 2.0.3 is vulnerable; prior versions may also be affected.
- Update to plugin version 2.0.4 or latest
- WordPress Plugin Import users from CSV with meta Multiple Vulnerabilities (220.127.116.11)
- WordPress Plugin Emag Marketplace Connector Cross-Site Scripting (1.0.0)
- WordPress Plugin CopySafe Web Protection Cross-Site Request Forgery (2.5)
- WordPress Plugin Limit Login Attempts Reloaded Cross-Site Scripting (2.6.3)
- WordPress Plugin Slimstat Analytics SQL Injection (3.9.5)