- WordPress Plugin Posts in Page is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Posts in Page version 1.2.4 is vulnerable; prior versions may also be affected.
- Update to plugin version 1.3.0 or latest
- WordPress Plugin Social Essentials-Social Stats and Sharing Buttons Cross-Site Scripting (1.3.1)
- WordPress Plugin WP Fastest Cache Cross-Site Scripting (0.8.5.5)
- WordPress Plugin Dean's FCKEditor with pwwang's code Arbitrary File Upload (1.0.0)
- Joomla! Core 1.5.x Multiple Vulnerabilities (1.5.0 - 1.5.3)
- Joomla! Core 2.5.x SQL Injection (2.5.0 - 2.5.1)