Plugin Vulnerabilities Updates – Week of 4/1/2016
Plugin Vulnerabilities We Helped Get Fixed This Week
- Arbitrary file viewing vulnerability in eBook download, discovered by Wadeek
Plugin Vulnerabilities Added This Week That Are In The Current Version of the Plugins
- Remote code execution (RCE) vulnerability in Enable Google Analytics, discovered by elyptic
- Remote code execution (RCE) vulnerability in Breadcrumbs EZ, discovered by NinTechNet
- Arbitrary file viewing vulnerability in Photocart Link, discovered by CrashBandicot
- Cross-site request forgery (CSRF)/cross-site scripting (XSS) vulnerability in Claptastic clap! Button, discovered by Sachin Wagh
- SQL injection vulnerability in SEO Redirection Plugin, discovered by novaphoenix
Additional Plugin Vulnerabilities Added This Week
- Remote code execution (RCE) vulnerability in OptinMonster API, discovered by James Golovich
- Arbitrary file viewing vulnerability in IMDb Profile Widget, discovered by CrashBandicot
- Reflected cross-site scripting vulnerability in Music Store, discovered by Sachin Wagh
- Cross-site scripting (XSS) vulnerability in Anti-Malware Security and Brute-Force Firewall, discovered by blinkms
- Cross-site request forgery (CSRF) vulnerability in Anti-Malware Security and Brute-Force Firewall, discovered by blinkms