- WordPress Plugin Mailing List is prone to a remote file include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue could allow an attacker to compromise the application and the underlying system; other attacks are also possible. WordPress Plugin Mailing List version 1.3.3 is vulnerable; other versions may also be affected.
- Update to plugin version 1.3.4 or latest
- WordPress Plugin All In One WP Security & Firewall Multiple SQL Injection Vulnerabilities (3.8.2)
- WordPress Plugin WordPress Download Manager Cross-Site Scripting (2.9.51)
- WordPress Plugin Woo Import Export Arbitrary File Deletion (1.0)
- WordPress Plugin Zingiri Web Shop 'ajax_save_name.php' Remote Code Execution (2.2.3)
- WordPress Plugin WP-Members Membership Multiple Cross-Site Scripting Vulnerabilities (2.8.9)