- WordPress Plugin FireStats is prone to a remote file include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. WordPress Plugin FireStats version 1.6.1 is vulnerable; prior versions may also be affected.
- Update to plugin version 1.6.2 or latest
- WordPress Plugin WooCommerce Unspecified Vulnerability (3.5.3)
- WordPress Plugin WP eCommerce Multiple Vulnerabilities (22.214.171.124)
- WordPress Plugin Save Contact Form 7 Information Disclosure (2.0)
- WordPress Plugin Evarisk 'ajax.php' SQL Injection (126.96.36.199)
- WordPress Plugin Advanced Custom Fields Cross-Site Scripting (4.4.3)