- WordPress Plugin Google Forms is prone to a server-side request forgery vulnerability. An attacker may leverage this issue to make the vulnerable server perform port scanning of hosts in internal or external networks; other attacks are also possible. WordPress Plugin Google Forms version 0.91 is vulnerable; prior versions may also be affected.
- Update to plugin version 0.92 or latest
- WordPress Plugin WooCommerce PHP Object Injection (3.2.3)
- WordPress Plugin KNR Author List Widget 'listItem' Parameter SQL Injection (2.0.0)
- WordPress Plugin Better Search Replace Multiple Unspecified Vulnerabilities (1.0.3)
- WordPress Plugin Flexible Custom Post Type Cross-Site Scripting (0.1.5)
- WordPress Plugin Popup by Supsystic Cross-Site Request Forgery (1.7.8)