- WordPress Plugin jRSS Widget is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin jRSS Widget version 1.1.1 is vulnerable; other versions may also be affected.
- Update to plugin version 1.2 or latest
- WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.15)
- WordPress 2.8.4 Denial of Service Vulnerability (0.6.2 - 2.8.4)
- WordPress Plugin Easy Digital Downloads Unspecified Vulnerability (2.4.9)
- WordPress Plugin WooCommerce Quick Reports Cross-Site Scripting (1.0.6)
- WordPress Plugin Relocate Upload 'abspath' Parameter Remote File Include (0.14)