- WordPress Plugin Photocart Link is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Photocart Link version 1.6 is vulnerable; prior versions may also be affected.
- Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available
- WordPress 4.5.x Arbitrary File Deletion Vulnerability (4.5 - 4.5.14)
- WordPress 4.0.x Same Origin Method Execution (SOME) Vulnerability (4.0 - 4.0.10)
- WordPress Plugin Ultimate Member-User Profile & Membership Cross-Site Scripting (2.0.25)
- WordPress Plugin Cerber Security, Antispam & Malware Scan Cross-Site Request Forgery (2.7.2)
- WordPress Plugin WordPress Comments Import & Export CSV Injection (2.0.4)