WordPress Plugin WPSchoolPress 2.1.16 – ‘Multiple’ Cross Site Scripting (XSS)
>> AUTHOR: deepcore
WordPress Plugin WPSchoolPress 2.1.16 – ‘Multiple’ Cross Site Scripting (XSS)
WordPress Plugin Contact Form to Email 1.3.24 – Stored Cross Site Scripting (XSS) (Authenticated)
KONGA 0.14.9 – Privilege Escalation
Simple Subscription Website 1.0 – SQLi Authentication Bypass
Fuel CMS 1.4.13 – ‘col’ Blind SQL Injection (Authenticated)
PHP Laravel 8.70.1 – Cross Site Scripting (XSS) to Cross Site Request Forgery (CSRF)
Mumara Classic versions 2.93 and below suffer from a remote SQL injection vulnerability.
Microsoft MultiPoint Server 2011 version 6.1 Compilation 7601 Service Pack 1 suffers from an RpcEptMapper and Dnschade local privilege escalation vulnerability.
Xlight FTP version 3.9.3.1 suffers from a buffer overflow vulnerability.
WordPress WP Symposium Pro version 2021.10 suffers from a persistent cross site scripting vulnerability.