- WordPress Plugin Paid Memberships Pro is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Paid Memberships Pro version 18.104.22.168 is vulnerable; prior versions may also be affected.
- Update to plugin version 1.7.15 or latest
- WordPress Plugin Keyword Strategy Internal Links Multiple Cross-Site Scripting Vulnerabilities (2.0)
- WordPress Plugin Profile Extra Fields by BestWebSoft Cross-Site Scripting (1.0.7)
- WordPress Plugin wpShopGermany Free Arbitrary File Upload (4.0.10)
- WordPress Plugin WordPress Landing Pages Cross-Site Scripting (1.8.5)
- WordPress Plugin WP Fastest Cache Cross-Site Request Forgery (0.8.3.4)