WordPress LeagueManager plugin version 3.8 suffers from a remote SQL injection vulnerability. Both an exploit along with patching recommendations are provided.
a3e13cf6b95a3336ab25ac8195f16b3844e2f53413a7db2fbea7d99a9a980665
e107 version 1.0.1 suffers from a cross site request forgery vulnerability that results in arbitrary javascript execution.
1b51a69a54bac68f0bfc9e8db03bc8acc5a1cf1df0b09c6483ae7fc4ca94a525
e107 version 1.0.2 suffers from a cross site request forgery vulnerability that results in SQL injection.
581ae255e2a78865ce312d579dde5e9592d78b773c888719f63727ce4b07e219