- WordPress Plugin UnGallery is prone to a remote arbitrary command execution vulnerability because it fails to properly validate user-supplied input. An attacker can exploit this issue to execute arbitrary commands within the context of the vulnerable application. WordPress Plugin UnGallery version 2.1.5 is vulnerable; prior versions may also be affected.
- Update to plugin version 2.1.6 or latest
- WordPress Plugin Easy Contact Form Builder Cross-Site Scripting (1.0)
- WordPress Plugin N-Media Website Contact Form with File Upload Arbitrary File Upload (1.3.4)
- WordPress Plugin Custom Post Type UI Cross-Site Scripting (1.1.1)
- PHP POST file upload buffer overflow vulnerabilities
- Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.1)