- WordPress Plugin Disclosure Policy is prone to a remote file include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue could allow an attacker to compromise the application and the underlying system; other attacks are also possible. WordPress Plugin Disclosure Policy version 1.0 is vulnerable; other versions may also be affected.
- Edit the source code to ensure that input is properly sanitised or disable the plugin until a fix is available
- WordPress Plugin Popup Maker-Popup Forms, Optins & More Security Bypass (1.7.29)
- WordPress Plugin STT2 Extension Add Terms Unspecified Vulnerability (1.0.2)
- WordPress Plugin zM Ajax Login & Register Multiple Vulnerabilities (1.0.9)
- WordPress Plugin User Role Editor Cross-Site Scripting (4.37)
- WordPress Plugin VendorFuel Local File Overwrite (1.3.1)