WordPress Gwolle Guestbook plugin version 2.5.3 suffers from a cross site scripting vulnerability.
b23bc2a383b6cc1c5ccefb6963683971WordPress Strong Testimonials plugin version 2.31.4 suffers from a cross site scripting vulnerability.
a133893c4212712101407d506a534550WordPress Snazzy Maps plugin versions 1.1.3 and below suffer from a cross site scripting vulnerability.
6a5b64bad9af84f0198e0b9105045392WordPress WP Google Map plugin versions 4.0.4 and below suffer from remote SQL injection vulnerabilities.
2456732033e558ec555c1b594d000411WordPress Ultimate Form Builder Lite versions 1.3.7 and below suffer from cross site scripting and remote SQL injection vulnerabilities.
4147f9e58f55a85f9e33e394450a0f3aWordPress Contact Form Maker plugin versions 1.12.20 and below suffer from cross site scripting, cross site request forgery, and remote SQL injection vulnerabilities.
d08badfbc380bef4839f1e6faaf47b7eWordPress Form Maker plugin versions 1.12.24 and below suffer from cross site scripting, cross site request forgery, and remote SQL injection vulnerabilities.
222b8b4c330c800a4f881ec057b14e4fMagento suffers from product attribute information related cross site scripting vulnerabilities. Versions affected include Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.
d73101b6b0b0b0f02a6ec88ff295af50Magento suffers from downloadable product information related cross site scripting vulnerabilities. Versions affected include Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.
f77d1da16377bd36480710245f667fb2Magento Backups suffer from a cross site request forgery vulnerability. Versions affected include Magento Open Source prior to 1.9.3.8, Magento Commerce prior to 1.14.3.8, Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.
0adaddcd0d7b534ec114223d7660feb1Magento suffers from user information related cross site scripting vulnerabilities. Versions affected include Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.
91c1b88ab3d81c67800e22cebc73902ePureVPN versions 5.19.4.0 and below suffer from a privilege escalation vulnerability.
bc09db910165ef220d5ab399ca475c2dSugarCRM Community Edition versions 6.5.26 and below suffer from multiple remote SQL injection vulnerabilities.
2ab4e697942a1f1e39de181287dee068WordPress Testimonial Slider plugin versions 1.2.4 and below suffer from a remote SQL injection vulnerability.
171fbf4af364b138825c12c2a1ba6464WordPress Smooth Slider plugin versions 2.8.6 and below suffer from a remote SQL injection vulnerability.
3ca8963a8f503e09a95c667231a768d8WordPress Dbox 3D Slide Lite plugin versions 1.2.2 and below suffer from multiple remote SQL injection vulnerabilities.
396bea3f46a47c839564e82ee3df2688WordPress Booking Calendar plugin versions 7.1, 7.0, and below suffer from remote SQL injection and local file inclusion vulnerabilities.
fd4e207ff9fc3d6be29efbcdeb30fa9eWordPress Clean Up Optimizer plugin versions 4.0.0 and below suffer from a remote SQL injection vulnerability.
89af3a8114d77b162a390a6d6b1874e9WordPress Top-10 plugin versions 2.4.2 and below suffer from a remote SQL injection vulnerability.
ee588dbd58069595df55af0f7982b6d0WordPress Ad Widget plugin versions 2.10.0 and below suffer from a local file inclusion vulnerability.
a02c1bb177145fdea032f28a60278396WordPress Simple Login Log plugin version 1.1.1 suffers from multiple remote SQL injection vulnerabilities.
80eca9af5e5ecacd33c8d526809fd7a8During a security audit of Magento Community Edition / Open Source and Commerce, cross site request forgery and stored cross site scripting vulnerabilities were discovered that could lead to administrator account takeover, putting the website customers and their payment information at risk. Versions affected include Magento CE 1 prior to 1.9.3.6, Magento Commerce prior to 1.14.3.6, Magento 2.0 prior to 2.0.16, and Magento 2.1 prior to 2.1.9.
b8e9abcbfbba8f6e6349871a393da400During a security audit of Magento Community Edition / Open Source and Commerce, cross site request forgery and stored cross site scripting vulnerabilities were discovered that could lead to administrator account takeover, putting the website customers and their payment information at risk. This is a second advisory from DefenseCode for the same software and vulnerabilities. Versions affected include Magento CE 1 prior to 1.9.3.6, Magento Commerce prior to 1.14.3.6, Magento 2.0 prior to 2.0.16, and Magento 2.1 prior to 2.1.9.
6fac5f12b988c5d618dd41e90f4d5591WordPress Podlove Podcast Publisher plugin versions 2.5.3 and below suffer from a remote SQL injection vulnerability.
7644c1e718ad96e70260bb88694784a8WordPress PressForward plugin versions 4.3.0 and below suffer from a cross site scripting vulnerability.
c1bc43011a404f94f827c88a862b2af5
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed