- WordPress Plugin Theme Tuner is prone to a remote file include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue could allow an attacker to compromise the application and the underlying system; other attacks are also possible. WordPress Plugin Theme Tuner version 0.7 is vulnerable; prior versions may also be affected.
- Update to plugin version 0.8 or latest
- WordPress Plugin DS.DownloadList PHP Object Injection (1.2)
- WordPress 4.7.x Denial of Service Vulnerability (4.7 - 4.7.9)
- WordPress Plugin Real3D FlipBook Multiple Vulnerabilities (2.18.8)
- WordPress 4.6.x Denial of Service Vulnerability (4.6 - 4.6.10)
- WordPress Plugin MarketPress-WordPress eCommerce PHP Object Injection (3.2.6)