- WordPress Plugin Social Media and Share Icons (Ultimate Social Media) is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently delete critical settings from website and make it non-functional. WordPress Plugin Social Media and Share Icons (Ultimate Social Media) version 1.5.1 is vulnerable; prior versions may also be affected.
- Update to plugin version 1.5.2 or latest
- WordPress Plugin Podcast Channels Cross-Site Scripting (0.20)
- WordPress Plugin User Self Delete SQL Injection (1.1)
- WordPress Plugin Contact Form by WD-responsive drag & drop contact form builder tool Cross-Site Scripting (1.7.18)
- WordPress Plugin Font Uploader 'font-upload.php' Arbitrary File Upload (1.2.4)
- WordPress Plugin WP Consultant Cross-Site Scripting (1.0)