WordPress eCommerce Product Catalog plugin <= 3.0.71 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability via AJAX discovered by WPScan in WordPress eCommerce Product Catalog plugin versions = 3.0.71. Solution Update the WordPress eCommerce Product Catalog plugin to the latest available version at least 3.0.72...

WordPress Flow-Flow Social Stream plugin <= 3.0.71 - Unauthenticated Cross-Site Scripting (XSS) vulnerability

Unauthenticated Cross-Site Scripting XSS vulnerability found by Alaistair Jerrom-Smith in WordPress Flow-Flow Social Stream plugin versions = 3.0.71. Solution Update the WordPress Flow-Flow Social Stream plugin to the latest available version at least 3.0.72...