WP Better Permalinks <= 3.0.4 – CSRF allowing Option Update
More info:
https://wpvulndb.com/vulnerabilities/9398
WD Instagram Feed <= 1.3.0 – XSS
More info:
https://wpvulndb.com/vulnerabilities/9393
WP SpreadPlugin <= 3.8.6 – XSS
More info:
https://wpvulndb.com/vulnerabilities/9396
Import users from CSV with meta <= 1.14.1.3 – CSRF leading to attachment deletion
More info:
https://wpvulndb.com/vulnerabilities/9392
WP Ultimate Recipe <= 3.12.6 – Authenticated Stored XSS
More info:
https://wpvulndb.com/vulnerabilities/9394
CP Contact Form with Paypal <= 1.3.01 – Multiple XSS
More info:
https://wpvulndb.com/vulnerabilities/9381
SAML SP Single Sign On <= 4.8.72 – Cross-Site Scripting (XSS)
More info:
https://wpvulndb.com/vulnerabilities/9397
Linux kernel vulnerability CVE-2019-11487
Linux kernel vulnerability CVE-2019-11487 Security Advisory Security Advisory Description The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after- ...
More info:
https://support.f5.com/csp/article/K14255532
DSA-4472 expat – security update
It was discovered that Expat, an XML parsing C library, did not properlyhandled XML input including XML names that contain a large number ofcolons, potentially resulting in denial of service.
More info:
https://www.debian.org/security/2019/dsa-4472
Ads For WP – Cross-Site Request Forgery (CSRF)
More info:
https://wpvulndb.com/vulnerabilities/9395