WordPress Ad Inserter – Ad Manager & AdSense Ads plugin <= 2.8.15 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by darkmode in WordPress Plugin Ad Inserter versions = 2.8.15...

WordPress SMTP2GO for WordPress – Email Made Easy plugin <= 1.16.0 - Missing Authorization to Authenticated (Subscriber+) Log Read/Truncate vulnerability

Missing Authorization to Authenticated Subscriber+ Log Read/Truncate vulnerability discovered by darkmode in WordPress Plugin SMTP2GO versions = 1.16.0...

WordPress User Registration & Membership plugin <= 5.1.4 - Missing Authorization to Authenticated (Contributor+) Content Access Rule Manipulation vulnerability

Missing Authorization to Authenticated Contributor+ Content Access Rule Manipulation vulnerability discovered by darkmode in WordPress Plugin User Registration versions = 5.1.4...

WordPress Smart Custom Fields plugin <= 5.0.6 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Exposure via Relational Post Search vulnerability

Missing Authorization to Authenticated Contributor+ Sensitive Information Exposure via Relational Post Search vulnerability discovered by darkmode in WordPress Plugin Smart Custom Fields versions = 5.0.6...

openSUSE Security Update : MozillaThunderbird (openSUSE-2020-2133)

This update for MozillaThunderbird fixes the following issues : - Mozilla Thunderbird 78.4.2 MFSA 2020-49 bsc1178611 - CVE-2020-26950 bmo1675905 Write side effects in MCallGetProperty opcode not accounted for - Mozilla Thunderbird 78.4.1 - new: Thunderbird prompts for an address to use when...