Drupal Revisioning Information Disclosure Security Issue
Application: Drupal
Affected Version: version 7.x-1.7.
Vendor’s URL: Drupal Revisioning
Bug Type: Information Disclosure
Risk Level:
Solution:
Update to version 7.x-1.8.
Application: Drupal
Affected Version: version 7.x-1.7.
Vendor’s URL: Drupal Revisioning
Bug Type: Information Disclosure
Risk Level:
Solution:
Update to version 7.x-1.8.
Application: WordPress
Affected Version: version 1.2.0 and other versions.
Vendor’s URL: Linenity Theme
Bug Type: File Disclosure
Risk Level: Critical
Solution:
No official solution is currently available.
Application: WordPress
Affected Version:
Vendor’s URL: Search ‘N Save Plugin
Bug Type: Path Disclosure and Cross-Site Scripting
Risk Level: Medium
Solution:
No official solution is currently available.
Content Management, Cross Site Scripting, Information Disclosure
Application: WordPress
Affected Version: version 3.5.1 and prior versions.
Vendor’s URL: WordPress
Bug Type: Security Bypass, Cross Site Scripting, Spoofing, Exposure of system information, DoS
Risk Level: Critical
Solution:
Update to version 3.5.2.
Access Bypass, Content Management, Cross Site Scripting, Information Disclosure
Application: Joomla!
Affected Version: 3.0.x versions prior to 3.0.3.
Vendor’s URL: Joomla!
Bug Type: Information Disclosure
Risk Level: Critical
Solution:
Update to version 2.5.9 or 3.0.3.
Application: JSUpload
Affected Version: versions prior to 0.6.5.
Vendor’s URL: JSUpload
Bug Type: File Disclosure
Risk Level: Critical
Solution:
Update to version 0.6.5.
Application: WordPress
Affected Version: version 1.4.2 and other versions.
Vendor’s URL: Cimy User Manager Plugin
Bug Type: File Disclosure
Risk Level: Critical
Solution:
No official solution is currently available.
Application: WordPress
Affected Version: version 0.1.
Vendor’s URL: Download Shortcode Plugin
Bug Type: File Disclosure
Risk Level: Critical
Solution:
Update to version 0.2.1.
Application: WordPress
Affected Version: version 0.1.
Vendor’s URL: eShop Magic Plugin
Bug Type: File Disclosure
Risk Level: Critical
Solution:
Update to version 0.2.
Application: WordPress
Affected Version: version 1.0.
Vendor’s URL: Vitamin Plugin
Bug Type: File Disclosure
Risk Level: Critical
Solution:
Update to version 1.1.
Application: WordPress
Affected Version: versions prior to 2.1.
Vendor’s URL: Backup Plugin
Bug Type: information disclosure
Risk Level: Critical
Solution:
Update to version 2.1.
Application: WordPress
Affected Version: version 3.0.1 and other versions.
Vendor’s URL: Google Maps Via Store Locator Plus Plugin
Bug Type: SQL Injection & Path Disclosure
Risk Level: Critical
Solution:
Restrict access to the wp-content/plugins/store-locator-le/core/load_wp_config.php file (e.g. via .htaccess). Edit the source code to ensure that input is properly sanitised.
Application: WordPress
Affected Version: version 1.0 and other versions.
Vendor’s URL: Simple Download Button Shortcode Plugin
Bug Type: File Disclosure
Risk Level: Critical
Solution:
Edit the source code to ensure that input is properly verified.
Application: WordPress
Affected Version: version 1.1.0 and other versions.
Vendor’s URL: Easy Contact Forms Export Plugin
Bug Type: File Disclosure
Risk Level: Critical
Solution:
Edit the source code to ensure that input is properly verified.
Application: Drupal
Affected Version: versions prior to 7.x-2.2.
Vendor’s URL: Linkit Module
Bug Type: Information Disclosure
Risk Level: Critical
Solution:
Update to version 7.x-2.3.
Application: WordPress
Affected Version: version 1.0.8.1 and other versions.
Vendor’s URL: myEASYbackup Plugin
Bug Type: File Disclosure
Risk Level: Critical
Solution:
Update to version 1.0.9.
Application: WordPress
Affected Version: version 3.1 and prior versions
Vendor’s URL: Count Per Day Plugin
Bug Type: Cross-Site Scripting and File Disclosure
Risk Level: Critical
Solution:
Update to version 3.1.1.
Content Management, Cross Site Scripting, Information Disclosure
Application: WordPress
Affected Version: version 1.4.1 and prior versions
Vendor’s URL: Mailing List Plugin
Bug Type: File Download
Risk Level: Critical
Solution:
Update to version 1.4.2.
Application: WordPress
Affected Version: version 0.1 and other versions.
Vendor’s URL: Filedownload Plugin
Bug Type: File Disclosure
Risk Level: Critical
Solution:
Edit the source code to ensure that input is properly verified.
Application: WordPress
Affected Version: versions prior to 110812.
Vendor’s URL: s2Member Plugin
Bug Type: File Disclosure
Risk Level: Critical
Solution:
Update to version 110812 or later.