FiberHome MIFI LM53Q1 suffers from credential disclosure and password change vulnerabilities.
>> ARCHIVE: 2018-01
WordPress Social Media Widget by Acurax plugin version 3.2.5 suffers from a cross site request forgery vulnerability.
Synology DiskStation Manager (DMS) versions prior to 6.1.3-15152 suffer from a forget_passwd.cgi user enumeration vulnerability.
WordPress LearnDash plugin version 2.5.3 suffers from an arbitrary file upload vulnerability.
WordPress CMS Tree Page View plugin version 1.4 suffers from cross site request forgery and privilege escalation vulnerabilities.
WordPress Admin Menu Tree Page View plugin version 2.6.9 suffers from cross site request forgery and privilege escalation vulnerabilities.
Rx Tera version 2.0 suffers from a cross site request forgery vulnerability.
Office Tracker version 11.2.5 suffers from a cross site scripting vulnerability.
AvantFAX version 3.3.3 suffers from a cross site scripting vulnerability.
Vanilla Forums versions prior to 2.1.5 suffer from a cross site request forgery vulnerability.