- WordPress Plugin WP Vault is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin WP Vault version 0.8.6.6 is vulnerable; prior versions may also be affected.
- Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available
- Drupal Core 4.6.x Mail Header Injection (4.6.0 - 4.6.5)
- WordPress Plugin WP App Maker Cross-Site Scripting (188.8.131.52)
- WordPress Plugin Related Posts for WordPress Cross-Site Scripting (1.8.1)
- WordPress Plugin Your Text Manager Cross-Site Scripting (0.3.0)
- WordPress Plugin Easy Appointments Cross-Site Scripting (1.11.7)