- WordPress Plugin WP Rocket is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin WP Rocket version 2.10.3 is vulnerable; prior versions may also be affected.
- Update to plugin version 2.10.4 or latest
- WordPress 2.0.6 'Zend_Hash_Del_Key_Or_Index' SQL Injection Vulnerability (0.6.2 - 2.0.6)
- WordPress Plugin NextGEN Gallery-WordPress Gallery Multiple Cross-Site Scripting Vulnerabilities (2.1.20)
- WordPress Multiple Vulnerabilities (0.70 - 3.6.1)
- WordPress Plugin WordPress Access Areas Security Bypass (1.3.0)
- WordPress Plugin Jetpack by WordPress.com Security Bypass (2.9.2)