WordPress Wisechat plugin version 2.6.3 suffers from a forced tab redirection flow that can aid in phishing attacks.
>> ARCHIVE: 2019-01
Lua version 5.3.5 suffers from a use-after-free vulnerability.
Joomla RSFirewall component version 2.11.25 suffers from a database disclosure vulnerability.
Green CMS version 2.x suffers from a remote SQL injection vulnerability.
Green CMS version 2.x suffers from arbitrary file and directory download vulnerabilities.
Podcast Generator version 2.7 suffers from a persistent cross site scripting vulnerability.
WordPress pitajte-strucnjaka plugin version 4.9.6 suffers from a remote shell upload vulnerability.
WordPress MM-Forms-Community plugin version 2.2.7 suffers from remote shell upload and remote SQL injection vulnerabilities.
https://www.banmor.go.th notified by PRdV
Apple Security Advisory 2019-1-24-1 – iTunes 12.9.3 for Windows is now available and addresses code execution and cross site scripting vulnerabilities.