WordPress ALO EasyMail Newsletter plugin version 2.6 suffers from cross site request forgery and cross site scripting vulnerabilities.
>> AUTHOR: deepcore
WordPress xPinner plugin version 2.2 suffers from cross site request forgery and cross site scripting vulnerabilities.
ZeusCart version 4.0 suffers from a cross site scripting vulnerability.
ZeusCart version 4.0 suffers from multiple remote SQL injection vulnerabilities.
WordPress WP-Shop plugin version 3.4.3.18 suffers from a cross site scripting vulnerability.
ManageEngine OpManager versions 11.5 and below suffer from SQL query protection bypass and has hard-coded credentials.
ManageEngine EventLog Analyzer version 10.6 build 10060 suffers from a SQL query execution vulnerability.
ZeusCart version 4.0 suffers from a cross site request forgery vulnerability.
Anchor CMS version 0.9.2 suffers from cross site scripting and open redirect vulnerabilities.
Kirby CMS versions 2.1.0 and below suffer from cross site request forgery and remote shell upload vulnerabilities.