WordPress ShortPixel Image Optimizer plugin <= 6.4.2 - Authenticated (Editor+) Arbitrary File Read via 'loadFile' Parameter vulnerability

Authenticated Editor+ Arbitrary File Read via 'loadFile' Parameter vulnerability discovered by 0N0ise - cert.pl in WordPress Plugin ShortPixel Image Optimizer versions = 6.4.2...

Information disclosure

Numara FootPrints 7.5a through 7.5a1 and 8.0 through 8.0a allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 transcriptFile parameter to MRcgi/MRchat.pl or 2 LOADFILE parameter to MRcgi/MRABLoad2.pl. NOTE: some of these details are obtained from third party...