Application: WordPress
Affected Version: version 1.3.3 and other versions.
Vendor’s URL: Frontier Post Plugin
Bug Type: Security Bypass
Risk Level: Critical
Solution: The vendor has released a fix. However, the fix is not effective. No official solution is currently available.
Access Bypass, Content Management

Application: WordPress
Affected Version: version 1.4.7 and other versions.
Vendor’s URL: Spider Catalog Plugin
Bug Type: Cross-Site Scripting and SQL Injection
Risk Level: Critical
Solution: No official solution is currently available.
Content Management, Cross Site Scripting, SQL Injection

Application: WordPress
Affected Version: versions prior to 2.0.
Vendor’s URL: SS Quiz Plugin
Bug Type: -
Risk Level: Critical
Solution: Upgrade to version 2.0.
Content Management

Application: WordPress
Affected Version: versions 1.6 and 2.0 and other versions.
Vendor’s URL: Video Gallery Plugin
Bug Type: SQL Injection
Risk Level: Critical
Solution: Upgrade or update to version 2.1.
Content Management, SQL Injection

Application: WordPress
Affected Version: versions prior to 0.5.3.
Vendor’s URL: WP Print Friendly Plugin
Bug Type: Security Bypass
Risk Level: Critical
Solution: Update to version 0.5.3.
Access Bypass, Content Management

Application: Joomla!
Affected Version: version 2.3.2 and other versions.
Vendor’s URL: DJ-Classifieds Component
Bug Type: SQL Injection
Risk Level: Critical
Solution: No official solution is currently available.
Content Management, SQL Injection

Application: YaBB
Affected Version: version 2.5.2.
Vendor’s URL: YaBB
Bug Type: File Inclusion
Risk Level: Critical
Solution: Fixed in the SVN repository.
Discussion Boards, File Inclusion

Application: WordPress
Affected Version: versions prior to 0.5.
Vendor’s URL: open-flash-chart-core Plugin
Bug Type: Access Bypass
Risk Level: Critical
Solution: Update to version 0.5.
Access Bypass, Content Management