WordPress Smart Product Review plugin versions 1.0.4 and below suffer from a remote shell upload vulnerability.

This Metasploit module exploits an input validation error on the log file extension parameter of SuiteCRM version 7.11.18. It does not properly validate upper/lower case characters. Once this occurs, the…

Fuel CMS version 1.4.13 suffers from a remote blind SQL injection vulnerability.

Talariax sendQuick Alertplus Server Admin version 4.3 suffers from a vulnerability that allows an authenticated user to perform error-based SQL injection via unsanitized form fields.

KONGA version 0.14.9 suffers from a privilege escalation vulnerability.

WordPress Contact Form to Email plugin version 1.3.24 suffers from a persistent cross site scripting vulnerability.

Simple Subscription Website version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Wipro Holmes Orchestrator version 20.4.1 unauthenticated arbitrary file reading proof of concept exploit.

PHP Laravel version 8.70.1 suffers from cross site scripting and cross site request forgery related vulnerabilities.

WordPress WPSchoolPress plugin version 2.1.16 suffers from cross site scripting vulnerabilities.