- WordPress Plugin WordPress Simple Paypal Shopping Cart is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin WordPress Simple Paypal Shopping Cart version 3.5 is vulnerable; prior versions may also be affected.
- Update to plugin version 3.6 or latest
- WordPress Plugin Fusion Engage Local File Disclosure (1.0.5)
- WordPress Plugin Fast Secure Contact Form-Clockwork SMS Cross-Site Scripting (2.1.2)
- WordPress Plugin MoodThingy Mood Rating Widget 'postID' Parameter Blind SQL Injection (0.8.7)
- WordPress 4.0.x Same Origin Method Execution (SOME) Vulnerability (4.0 - 4.0.10)
- WordPress Plugin Answer My Question Multiple Cross-Site Scripting Vulnerabilities (1.1)