• WordPress Plugin MP3-jPlayer is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin MP3-jPlayer version 2.3.2 is vulnerable; prior versions may also be affected.

• Update to plugin version 2.3.3 or latest

• • http://www.vapidlabs.com/advisory.php?v=149
  • https://packetstormsecurity.com/files/132984/WordPress-MP3-jPlayer-2.3.2-Path-Disclosure.html

• 

• CVE-2015-1000008

• CWE-200

• CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

• Missing Update Information Disclosure

• WordPress Plugin Link Library 'id' Parameter Cross-Site Scripting and SQL Injection Vulnerabilities (5.0.8)
• Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.6)
• WordPress Plugin MiniCart SQL Injection (1.00.1)
• WordPress Plugin S3 Video Cross-Site Scripting (0.97)
• WordPress Plugin ActiveHelper LiveHelp Live Chat Multiple Cross-Site Scripting Vulnerabilities (3.1.0)