- WordPress Plugin Swim Team is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently verify user-supplied input. This may allow an attacker to gain access to sensitive information, which may aid in launching further attacks. WordPress Plugin Swim Team version 1.44.1077 is vulnerable; prior versions may also be affected.
- Update to plugin version 1.45.1085 or latest
- WordPress Plugin NewStatPress Cross-Site Scripting (1.2.4)
- WordPress 4.3.x Denial of Service Vulnerability (4.3 - 4.3.15)
- WordPress Plugin NextScripts:Social Networks Auto-Poster Cross-Site Scripting (4.2.7)
- WordPress Plugin Csv2WPeC Coupon Arbitrary File Upload (1.1)
- WordPress Plugin Border Loading Bar Multiple Cross-Site Scripting Vulnerabilities (1.0)