- WordPress Plugin WooCommerce is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently verify user-supplied input. This may allow an attacker to gain access to sensitive information, which may aid in launching further attacks. WordPress Plugin WooCommerce version 3.4.5 is vulnerable; prior versions may also be affected.
- Update to plugin version 3.4.6 or latest
- WordPress Plugin BulletProof Security Cross-Site Scripting (.50.9)
- WordPress Plugin Google Doc Embedder Multiple Vulnerabilities (2.6.1)
- WordPress Plugin Htaccess by BestWebSoft Cross-Site Scripting (1.4)
- Joomla! Core 1.6.x Cross-Site Scripting (1.6.0 - 1.6.5)
- WordPress Plugin Free counter Cross-Site Scripting (1.1)