- WordPress Plugin Eventify-Simple Events is prone to a remote file include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. WordPress Plugin Eventify-Simple Events version 1.7.g is vulnerable; prior versions may also be affected.
- Update to plugin version 1.7.h or latest
- WordPress Plugin Fusion:Extension-Menu Multiple Unspecified Vulnerabilities (1.0.2)
- WordPress Plugin Bitcoin Faucet Cross-Site Scripting (1.0.12)
- Joomla! Core 3.x.x Security Bypass (3.2.0 - 3.4.4)
- WordPress Plugin Featured Post with thumbnail Unspecified Vulnerability (1.4)
- WordPress Plugin Portfolio Cross-Site Request Forgery (1.0)