- WordPress Plugin WP PHP widget is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin WP PHP widget version 1.0.2 is vulnerable; prior versions may also be affected.
- Edit the source code to ensure that errors containing sensitive information aren't displayed to the end user or disable the plugin until a fix is available
- Joomla! Core 1.5.x Arbitrary File Upload (1.5.0 - 1.5.15)
- WordPress Plugin WP Google Maps Cross-Site Scripting (7.10.41)
- WordPress Plugin copy-me Cross-Site Request Forgery (1.0.0)
- WordPress Plugin LearnPress-WordPress LMS Arbitrary File Write (3.2.2)
- WordPress Plugin Post Pay Counter PHP Object Injection (2.730)