- WordPress Plugin Swim Team is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently verify user-supplied input. This may allow an attacker to gain access to sensitive information, which may aid in launching further attacks. WordPress Plugin Swim Team version 1.44.1077 is vulnerable; prior versions may also be affected.
- Update to plugin version 1.45.1085 or latest
- WordPress Plugin ProfileGrid-User Profiles, Groups and Communities Unspecified Vulnerability (2.6.4)
- WordPress Plugin WP Statistics SQL Injection (9.4)
- WordPress Plugin Calendar Event Multi View SQL Injection (1.01)
- WordPress Plugin Resume Submissions & Job Postings Arbitrary File Upload (2.5.3)
- WordPress Plugin Amazon Tools Cross-Site Scripting (1.7.2)