- WordPress Plugin Email newsletter is prone to an information disclosure vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Email newsletter version 8.0 is vulnerable; prior versions may also be affected.
- Update to plugin version 9.0 or latest
- WordPress Plugin gSlideShow Cross-Site Request Forgery (0.1)
- WordPress Plugin Unconfirmed Cross-Site Scripting (1.2.3)
- WordPress Plugin WPtouch Mobile Arbitrary File Upload (3.4.6)
- WordPress Plugin Slider Revolution Responsive Local File Inclusion (4.1.4)
- WordPress Plugin s2member Secure File Browser Cross-Site Scripting (0.4.16)