Ad Inserter <= 2.4.19 – Authenticated Path Traversal
https://wpvulndb.com/vulnerabilities/9453
More info:
https://wpvulndb.com/vulnerabilities/9453
Hybrid Composer <= 1.4.6 – Unauthenticated Options Update
https://wpvulndb.com/vulnerabilities/9452
More info:
https://wpvulndb.com/vulnerabilities/9452
Hybrid Composer <= 1.4.6 – Unauthenticated Options Update
https://wpvulndb.com/vulnerabilities/9452
More info:
https://wpvulndb.com/vulnerabilities/9452
FV Flowplayer Video Player <= 7.3.18.727 – SQL Injection
https://wpvulndb.com/vulnerabilities/9451
More info:
https://wpvulndb.com/vulnerabilities/9451
FV Flowplayer Video Player <= 7.3.18.727 – SQL Injection
https://wpvulndb.com/vulnerabilities/9451
More info:
https://wpvulndb.com/vulnerabilities/9451
DSA-4481 ruby-mini-magick – security update
Harsh Jaiswal discovered a remote shell execution vulnerability inruby-mini-magick, a Ruby library providing a wrapper around ImageMagickor GraphicsMagick, exploitable when using MiniMagick::Image.open withspecially crafted URLs coming from unsanitized user input.
More info:
https://www.debian.org/security/2019/dsa-4481
Hybrid Composer <= 1.4.6 – Unauthenticated Options Update
More info:
https://wpvulndb.com/vulnerabilities/9452
Newsletter Lite <= 4.6.16 – Authenticated Reflected XSS
More info:
https://wpvulndb.com/vulnerabilities/9447
School Management < 57.0 – CSRF and Stored XSS
More info:
https://wpvulndb.com/vulnerabilities/9450
WP File Manager <= 5.0 – Multiple Vulnerabilities
More info:
https://wpvulndb.com/vulnerabilities/9446