WordPress Backup Plugin Backup Disclosure
Application: WordPress
Affected Version: versions prior to 2.1.
Vendor’s URL: Backup Plugin
Bug Type: information disclosure
Risk Level: Critical
Solution:
Update to version 2.1.
Application: WordPress
Affected Version: versions prior to 2.1.
Vendor’s URL: Backup Plugin
Bug Type: information disclosure
Risk Level: Critical
Solution:
Update to version 2.1.
Application: WordPress
Affected Version: version 2.10 and other versions.
Vendor’s URL: Mac Photo Gallery Plugin
Bug Type: Cross Site Scripting
Risk Level: Critical
Solution:
Upgrade to version 3.0.
Application: WordPress
Affected Version: version 1.9.18 and prior versions.
Vendor’s URL: GD Star Rating Plugin
Bug Type: Security Bypass
Risk Level: Critical
Solution:
Update to version 1.9.19 or later.
Application: WordPress
Affected Version: version 2.3.7 and other versions.
Vendor’s URL: Cimy User Extra Fields Plugin
Bug Type: File Upload
Risk Level: Critical
Solution:
No official solution is currently available.
Application: WordPress
Affected Version: version 1.8 and other versions.
Vendor’s URL: Nmedia Users File Uploader Plugin
Bug Type: File Upload
Risk Level: Critical
Solution:
Upgrade to version 2.0.
Application: WordPress
Affected Version: version 2.5.1 and other versions.
Vendor’s URL: Resume Submissions & Job Postings Plugin
Bug Type: File Upload
Risk Level: Critical
Solution:
No official solution is currently available.
Application: WordPress
Affected Version: version 1.1.2 and other versions.
Vendor’s URL: Post Recommendations Plugin
Bug Type: File Inclusion
Risk Level: Critical
Solution:
No official solution is currently available.
Application: Joomla!
Affected Version: version 2.0 and other versions.
Vendor’s URL: OS Property Component
Bug Type: File Upload
Risk Level: Critical
Solution:
Update to version 2.0.3.
Application: DotNetNuke
Affected Version: versions 5.5.0 through 5.6.7 and 6.0.0 through 6.2.0.
Vendor’s URL: DotNetNuke
Bug Type: Security Bypass, Cross Site Scripting
Risk Level: Critical
Solution:
Update to version 5.6.8 or 6.2.1.
Application: Drupal
Affected Version: versions 6.x-1.x prior to 6.x-1.1 and 7.x-1.x prior to 7.x-1.1.
Vendor’s URL: Security Questions Module
Bug Type: Security Bypass
Risk Level: Critical
Solution:
Update to a fixed version.
Application: WordPress
Affected Version: version 12.07.07 and other versions.
Vendor’s URL: WP Symposium Plugin
Bug Type: Security Bypass
Risk Level: Critical
Solution:
Update to version 12.07.14.
Application: WordPress
Affected Version: version 12.06.16 and other versions.
Vendor’s URL: WP Symposium Plugin
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Update to version 12.07.01 or later.
Application: WordPress
Affected Version: version 2.3 and other versions.
Vendor’s URL: A Page Flip Book Plugin
Bug Type: File Inclusion
Risk Level: Critical
Solution:
No official solution is currently available.
Application: WordPress
Affected Version: version 2.1.0 and other versions.
Vendor’s URL: Sendit Newsletter Plugin
Bug Type: SQL Injection
Risk Level: Critical
Solution:
No official solution is currently available.
Application: WordPress
Affected Version: version 1.0 and other versions.
Vendor’s URL: Flip Book Plugin
Bug Type: File upload
Risk Level: Critical
Solution:
No official solution is currently available.
Application: WordPress
Affected Version: version 0.9 and other versions.
Vendor’s URL: MoodThingy Mood Rating Widget Plugin
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Update to version 0.9.2.
Application: WordPress
Affected Version: version 2.2.1 and other versions.
Vendor’s URL: Front-end Editor Plugin
Bug Type: System Access
Risk Level: Critical
Solution:
No official solution is currently available.
Application: WordPress
Affected Version: version 8.0.
Vendor’s URL: Email Newsletter Plugin
Bug Type:
Risk Level: Critical
Solution:
Upgrade to version 9.0.