• WordPress Plugin SL User Create is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin SL User Create version 0.2.4 is vulnerable; prior versions may also be affected.

• Update to plugin version 0.2.5 or latest

• • http://www.securityfocus.com/bid/63009/discuss
  • http://secunia.com/advisories/55262/

• 

• CWE-200

• CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

• Missing Update Information Disclosure

• WordPress Plugin Simple Download Button Shortcode 'file' Parameter Information Disclosure (1.0)
• WordPress Plugin Divi Builder Security Bypass (1.2.3)
• WordPress Plugin YouTube Cross-Site Request Forgery (11.8.1)
• WordPress Plugin Ultimate Member-User Profile & Membership Remote Code Execution (2.0.32)
• WordPress Plugin Abandoned Cart Lite for WooCommerce SQL Injection (1.8)