WordPress Gwolle Guestbook plugin version 2.5.3 suffers from a cross site scripting vulnerability.
0102adc89a526756f71376d8ca8b12e0af203e535a067eed6ad082c80015d2a0WordPress Strong Testimonials plugin version 2.31.4 suffers from a cross site scripting vulnerability.
29e3e61c5bb4cc522ae61f3fdbf89e035d73bfa6c4c7ed5ee78b79874121d335WordPress Snazzy Maps plugin versions 1.1.3 and below suffer from a cross site scripting vulnerability.
69d9372e1f11eb13779812a45773c8c5799eb581c2d4f0a43fdac8c63bc11aacWordPress WP Google Map plugin versions 4.0.4 and below suffer from remote SQL injection vulnerabilities.
47845a0de05723fa22908baa8f1387f03dc2b7a10302916bf08f5d96fc9dd027WordPress Ultimate Form Builder Lite versions 1.3.7 and below suffer from cross site scripting and remote SQL injection vulnerabilities.
94336025653173391ac5889e704bcfd91b865bf11182e68e4e9264480f585de8WordPress Contact Form Maker plugin versions 1.12.20 and below suffer from cross site scripting, cross site request forgery, and remote SQL injection vulnerabilities.
6b69b22bcc4cf5af62f351dcfe1d610cce1dc958b7caf6c12697c2a54a3e9c7dWordPress Form Maker plugin versions 1.12.24 and below suffer from cross site scripting, cross site request forgery, and remote SQL injection vulnerabilities.
3131d3f173b1933fc4dabd940dc3fd7fa471504c3704fbfd5ced31130a9aa0fbMagento suffers from product attribute information related cross site scripting vulnerabilities. Versions affected include Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.
549e235e03ef0bdbe9eea05a3e1bd3f340f29761c9abdad73f4036142c0591e3Magento suffers from downloadable product information related cross site scripting vulnerabilities. Versions affected include Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.
1bbd2c7b993ffcb1a4ef9c205272274661f6065ff4e313cd2057ced8ea75d918Magento Backups suffer from a cross site request forgery vulnerability. Versions affected include Magento Open Source prior to 1.9.3.8, Magento Commerce prior to 1.14.3.8, Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.
6d870f518782a4d674caa1e656efd73fa25831cbd1426facfd575d0b2defcd72Magento suffers from user information related cross site scripting vulnerabilities. Versions affected include Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.
8655d134ed2747f6351bd7d013f6487b55c2509759a2cba576f6d2143f46f59dPureVPN versions 5.19.4.0 and below suffer from a privilege escalation vulnerability.
f01935ae5539d9a66d7d09ee0ec64486230558bc46f1e918ef59cf2148cdaa26SugarCRM Community Edition versions 6.5.26 and below suffer from multiple remote SQL injection vulnerabilities.
bc4cc7bf63d53a27a1eb576d08fe29628ea8da32f5518c5c866e31065558a8a7WordPress Testimonial Slider plugin versions 1.2.4 and below suffer from a remote SQL injection vulnerability.
4843ea7190a8b03ec20a9232c6f5a6ded3adba6e253edb278b67f49e681f02b0WordPress Smooth Slider plugin versions 2.8.6 and below suffer from a remote SQL injection vulnerability.
969899dce42308e6793f299ffa4d732c1287d84bb8b4576223cafa7d5fed6dceWordPress Dbox 3D Slide Lite plugin versions 1.2.2 and below suffer from multiple remote SQL injection vulnerabilities.
5528cd5d06c970cf9130914fc542c9f448c79f182518089b7000c271a6fad1dbWordPress Booking Calendar plugin versions 7.1, 7.0, and below suffer from remote SQL injection and local file inclusion vulnerabilities.
646173f5e81a1f63cb65e0e58738fb57ac62c8835c609e27e0a0a795b6dbd637WordPress Clean Up Optimizer plugin versions 4.0.0 and below suffer from a remote SQL injection vulnerability.
ae6b1807725083901c6a9501a476db389ad391985032e1b233e714bc82349172WordPress Top-10 plugin versions 2.4.2 and below suffer from a remote SQL injection vulnerability.
491e52f7852755e7029e0188400d67003a5d9a69543fdd91e42c7ab58563697fWordPress Ad Widget plugin versions 2.10.0 and below suffer from a local file inclusion vulnerability.
4dca75cd604be2d9ee5f59b3df5a6b97e028b213c809e41dec3862eafa62e6c7WordPress Simple Login Log plugin version 1.1.1 suffers from multiple remote SQL injection vulnerabilities.
fe442cde72653defe51ab63edea37018252e0e898b0851ee4a61c92bdfdc035cDuring a security audit of Magento Community Edition / Open Source and Commerce, cross site request forgery and stored cross site scripting vulnerabilities were discovered that could lead to administrator account takeover, putting the website customers and their payment information at risk. Versions affected include Magento CE 1 prior to 1.9.3.6, Magento Commerce prior to 1.14.3.6, Magento 2.0 prior to 2.0.16, and Magento 2.1 prior to 2.1.9.
4d32bf78790a47b612f73e6f5369bdb54efc47178d31a6a5c2caee2287e9d34fDuring a security audit of Magento Community Edition / Open Source and Commerce, cross site request forgery and stored cross site scripting vulnerabilities were discovered that could lead to administrator account takeover, putting the website customers and their payment information at risk. This is a second advisory from DefenseCode for the same software and vulnerabilities. Versions affected include Magento CE 1 prior to 1.9.3.6, Magento Commerce prior to 1.14.3.6, Magento 2.0 prior to 2.0.16, and Magento 2.1 prior to 2.1.9.
8d86ea8e9eb75bb36c388fcd274b7cd6fb4431c98f0098e80d1cb745bb4f4af9WordPress Podlove Podcast Publisher plugin versions 2.5.3 and below suffer from a remote SQL injection vulnerability.
dc7e4831715fbb93ca6ee18c38fa2fb87560853f28673c4b78848d8a2c9b707eWordPress PressForward plugin versions 4.3.0 and below suffer from a cross site scripting vulnerability.
9149d5fd6fd493f3e94be2c3cc8a6fe5c63013bed56d64669eb18d0a79c6e30b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed