- WordPress is prone to a security bypass vulnerability. Authenticated attackers may exploit this issue to gain access to configuration scripts, which may allow them to obtain sensitive information or elevate privileges; other attacks may also be possible. WordPress versions 2.8 and prior are vulnerable.
- Update to WordPress version 2.8.1 or latest
- WordPress Plugin Active Directory Integration SQL Injection (1.1.8)
- WordPress Plugin Visual Form Builder Multiple Cross-Site Scripting Vulnerabilities (2.8.6)
- WordPress Plugin Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) Multiple Cross-Site Scripting Vulnerabilities (3.11.2)
- WordPress Plugin Page Builder:KingComposer-Free Drag and Drop page builder by King-Theme Arbitrary File Upload (2.7.4)
- WordPress Plugin Menu Creator 'updateSortOrder.php' SQL Injection (1.1.7)