Plugin Vulnerabilities Added This Week That Are In The Current Version of the Plugins

• Authenticated remote code execution vulnerability in  SP Project & Document Manager, discovered by Michael Helwig
• Persistent cross-site scripting (XSS) vulnerability in DW Question & Answer, discovered by  Rahul Pratap Singh

Additional Plugin Vulnerabilities Added This Week

• Remote code execution vulnerability in Custom Content Type Manager, discovered by MartinCDS
• Information disclosure vulnerability in Custom Content Type Manager, discovered by MartinCDS
• Persistent cross-site scripting (XSS) vulnerability in WP Advanced Comment, discovered by Mohammad Khaleghi
• Reflected cross-site scripting (XSS) vulnerability in  SP Project & Document Manager, discovered by Michael Helwig
• Information disclosure vulnerability in SP Project & Document Manager, discovered by Michael Helwig
• SQL injection vulnerability in  SP Project & Document Manager, discovered by Michael Helwig
• Reflected cross-site scripting (XSS) vulnerability in Captcha by BestWebSoft, discovered by Colette Chamberland

Developer Security Advisories

• Smackcoders
• CodePeople