• WordPress Plugin Global Content Blocks is prone to multiple security vulnerabilities, including a remote PHP code execution vulnerability and multiple information disclosure vulnerabilities. Successful exploits of these issues may allow remote attackers to execute arbitrary malicious PHP code in the context of the application or obtain potentially sensitive information. WordPress Plugin Global Content Blocks version 1.5.1 is vulnerable; prior versions may also be affected.

• Update to plugin version 1.5.2 or latest

• • http://ceriksen.com/2012/07/12/wordpress-global-content-blocks-multiple-vulnerabilities/
  • http://secunia.com/advisories/49854/

• 

• CWE-95

  CWE-200

• CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

• Missing Update Code Execution Information Disclosure

• WordPress Plugin CWIS-Antivirus Security Scanner Unspecified Vulnerability (2.3.2)
• WordPress 4.8.x Possible SQL Injection Vulnerability (4.8 - 4.8.2)
• WordPress Plugin WooCommerce Products Filter Multiple Vulnerabilities (1.1.9)
• WordPress Plugin Ninja Popups Multiple Vulnerabilities (4.5.3)
• WordPress Plugin Responsive Lightbox by dFactory Cross-Site Scripting (1.7.1)