- WordPress Plugin N-Media Website Contact Form with File Upload is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin N-Media Website Contact Form with File Upload version 1.5 is vulnerable; prior versions are also affected.
- Update to plugin version 1.6 or latest
- WordPress Plugin Gantry 4 Framework Cross-Site Scripting (4.1.5)
- WordPress Plugin LinkedIn by BestWebSoft Cross-Site Scripting (1.0.4)
- WordPress Plugin Gallery-Photo Gallery SQL Injection (1.0.0)
- WordPress Plugin Fusion Engage Local File Disclosure (1.0.5)
- WordPress Plugin Frontend Uploader Cross-Site Scripting (0.9.2)