- WordPress Plugin Ultimate Member-User Profile & Membership is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently modify arbitrary user_meta data. WordPress Plugin Ultimate Member-User Profile & Membership version 1.3.52 is vulnerable; prior versions may also be affected.
- Update to plugin version 1.3.53 or latest
- WordPress Plugin Starbox-the Author Box for Humans Cross-Site Scripting (3.0.8)
- WordPress Plugin GD Star Rating 'de' Parameter SQL Injection (1.9.10)
- WordPress Plugin WP eCommerce HTML Injection (126.96.36.199)
- WordPress Plugin WooCommerce Amazon Affiliates Multiple Vulnerabilities (8.0)
- WordPress Plugin Activity Log Multiple Cross-Site Scripting Vulnerabilities (2.3.2)