- WordPress Plugin Payment Gateways Caller for WP e-Commerce is prone to a local file inclusion vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Payment Gateways Caller for WP e-Commerce version 0.1 is vulnerable.
- Update to plugin version 0.1.1 or latest
- WordPress Plugin Cerber Security, Antispam & Malware Scan Multiple Security Bypass Vulnerabilities (8.0)
- WordPress Plugin WP Mobile Edition Arbitrary File Disclosure (2.2.7)
- WordPress Plugin Feedify Remote Code Execution (2.0.0)
- WordPress Plugin Subscriber by BestWebSoft Cross-Site Scripting (1.3.4)
- WordPress Plugin Peter's Math Anti-Spam Audio CAPTCHA Security Bypass (0.1.6)