- WordPress Plugin Smush Image Compression and Optimization is prone to a directory traversal vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Smush Image Compression and Optimization version 2.7.5 is vulnerable; prior versions may also be affected.
- Update to plugin version 2.7.6 or latest
- WordPress Plugin Event Registration 'event_id' Parameter SQL Injection (5.32)
- WordPress Plugin Contact Form DB CSV Injection (2.10.32)
- WordPress Plugin aoringo LOG maker Cross-Site Scripting (0.1.3)
- WordPress Plugin Google Calendar Events Cross-Site Scripting (184.108.40.206)
- WordPress Plugin Woo Email Control Cross-Site Scripting (1.01)