WordPress Plugin KN Fix Your Title 1.0.1 – ‘Separator’ Stored Cross-Site Scripting (XSS)
WordPress Plugin KN Fix Your Title 1.0.1 – ‘Separator’ Stored Cross-Site Scripting (XSS)
PEEL Shopping 9.3.0 – ‘id’ Time-based SQL Injection
Dolibarr ERP/CRM 10.0.6 – Login Brute Force
WordPress Plugin Mimetic Books 0.2.13 – ‘Default Publisher ID field’ Stored Cross-Site Scripting (XSS)
WordPress Plugin LearnPress 3.2.6.7 – ‘current_items’ SQL Injection (Authenticated)
WordPress Plugin LearnPress 3.2.6.8 – Privilege Escalation
VMware ThinApp suffered from a dll hijacking vulnerability.
Aruba Instant (IAP) remote code execution exploit.
Seagate BlackArmor NAS version sg2000-2000.1331 remote command injection exploit.
Aruba Instant version 8.7.1.0 arbitrary file modification exploit.