xPinner Lite <= 2.2 - Cross-Site Scripting (XSS) & CSRF

The xpinner-lite WordPress plugin was affected by a Cross-Site Scripting XSS & CSRF security vulnerability...

sourceAFRICA <= 0.1.3 - Unauthenticated Cross-Site Scripting (XSS)

The sourceafrica WordPress plugin was affected by an Unauthenticated Cross-Site Scripting XSS security vulnerability...

CP Image Store with Slideshow <= 1.0.6 - Purchase ID Brute Force Prevention

The CP Image Store with Slideshow WordPress plugin was affected by a Purchase ID Brute Force Prevention security vulnerability...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the AB Google Map Travel AB-MAP plugin before 4.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 lat Latitude, 2 long Longitude, 3...

GroupDocs Comparison <= 1.0.2 - Multiple Parameter XSS

The GroupDocs.Comparison for Cloud WordPress plugin was affected by a Multiple Parameter XSS security vulnerability...

GroupDocs Signature 1.2.0 - grpdocs-dialog.php Multiple Parameter XSS

The GroupDocs.Signature for Cloud WordPress plugin was affected by a grpdocs-dialog.php Multiple Parameter XSS security vulnerability...

Custom Tables 3.4.4 - iframe.php key Parameter XSS

The custom-tables WordPress plugin was affected by an iframe.php key Parameter XSS security vulnerability...

Simply Poll 1.4.1 - wp-admin/admin.php question Parameter XSS

The simply-poll WordPress plugin was affected by a wp-admin/admin.php question Parameter XSS security vulnerability...

Spider Calendar 1.3.0 - Multiple Vulnerabilities

The spider-calendar WordPress plugin was affected by a Multiple Vulnerabilities security vulnerability...

WP Marketplace 1.5.0-1.6.1 - Arbitrary File Upload

The wpmarketplace WordPress plugin was affected by an Arbitrary File Upload security vulnerability...

LB Mixed Slideshow 1.0 - Arbitrary File Upload

The lb-mixed-slideshow WordPress plugin was affected by an Arbitrary File Upload security vulnerability...

VideoWhisper Video Conference Integration 4.51 - Arbitrary File Upload

The Webcam Video Conference WordPress plugin was affected by an Arbitrary File Upload security vulnerability...

wp-gpx-max version 1.1.21 - Arbitrary File Upload

The wp-gpx-map WordPress plugin was affected by an Arbitrary File Upload security vulnerability...

XSS and FPD vulnerabilities in Js-Multi-Hotel for WordPress

Hello 3APA3A! These are vulnerabilities in Js-Multi-Hotel plugin for WordPress. ------------------------- Affected products: ------------------------- Vulnerable are Js-Multi-Hotel 2.2.1 and previous versions. ------------------------- Affected vendors: ------------------------- Joomlaskin...