- WordPress Plugin Email newsletter is prone to an information disclosure vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Email newsletter version 8.0 is vulnerable; prior versions may also be affected.
- Update to plugin version 9.0 or latest
- WordPress Plugin Breezing Forms Cross-Site Scripting (126.96.36.199)
- WordPress Plugin LOGOSWARE SUITE Uploader Arbitrary File Upload (1.1.6)
- Apache Tomcat version older than 6.0.11
- WordPress Plugin Carousel slideshow 'swfupload.swf' Cross-Site Scripting (3.10)
- WordPress Plugin WooCommerce Instamojo Cross-Site Scripting (0.0.6)