- WordPress Plugin Easy Author Image is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Easy Author Image version 1.5 is vulnerable; prior versions may also be affected.
- Update to plugin version 1.5.1 or latest
- WordPress Plugin Manage and respond to conversations with leads-HappyForms PHP Object Injection (1.0.0)
- Drupal Core 4.6.x SQL Injection (4.6.0 - 4.6.6)
- Drupal Core 7.x Information Disclosure (7.0 - 7.26)
- WordPress Plugin Multicons [Multiple Favicons] Cross-Site Scripting (2.1)
- WordPress Plugin Katalyst TimThumb 'timthumb.php' Arbitrary File Upload (1.0)