WordPress WPSchoolPress plugin version 2.1.16 suffers from cross site scripting vulnerabilities.
Online Learning System 2.0 – Remote Code Execution (RCE)
CMDBuild 3.3.2 – ‘Multiple’ Cross Site Scripting (XSS)
PHP Laravel 8.70.1 – Cross Site Scripting (XSS) to Cross Site Request Forgery (CSRF)
Fuel CMS 1.4.13 – ‘col’ Blind SQL Injection (Authenticated)
Simple Subscription Website 1.0 – SQLi Authentication Bypass
KONGA 0.14.9 – Privilege Escalation
WordPress Plugin Contact Form to Email 1.3.24 – Stored Cross Site Scripting (XSS) (Authenticated)
WordPress Plugin WPSchoolPress 2.1.16 – ‘Multiple’ Cross Site Scripting (XSS)
Mumara Classic versions 2.93 and below suffer from a remote SQL injection vulnerability.