>> AUTHOR: deepcore

WordPress Smart Slider-3 plugin version 3.5.0.8 suffers from a persistent cross site scripting vulnerability.

WordPress wpDiscuz plugin version 7.0.4 remote shell upload exploit.

Backdoor.Win32.Neakse.bit malware suffers from an insecure permissions vulnerability.

Grav CMS version 1.7.10 suffers from a server-side template injection vulnerability.

Sticky Notes and Color Widgets version 1.4.2 suffers from a denial of service vulnerability.

Backdoor.Win32.Wollf.12 malware suffers from a code execution vulnerability.

OptiLink ONT1GEW GPON version 2.1.11_X101 build 1127.190306 authenticated remote code execution exploit.

IcoFX version 2.6 .ico buffer overflow exploit with SEH and DEP bypass using JOP.

Rocket.Chat version 3.12.1 unauthenticated NoSQL injection to remote code execution exploit.