CarSpot < 2.2.1 – Multiple Vulnerabilities

https://wpvulndb.com/vulnerabilities/10047

WPS Hide Login < 1.5.5 – Secret Login Page Disclosure

https://wpvulndb.com/vulnerabilities/10046

wpCentral < 1.4.8 – Privilege Escalation

https://wpvulndb.com/vulnerabilities/10045

WP DS FAQ Plus < 1.4.2 – Stored XSS

https://wpvulndb.com/vulnerabilities/10044

6 key tips for evaluating WordPress activity log plugins

https://www.wpsecurityauditlog.com/wordpress-admin/6-key-tips-evaluating-wordpress-activity-log-plugins/
A WordPress activity log is a must have tool in every website’s security suite. However, determining which plugin is best for incorporating this feature can be tricky, given the large volume of available tools. In order to make an informed decision, there are a few key features to look for when evaluating WordPress activity log plugins. With a bit of research, you can pin down the option that is most suited to your site’s needs. This post will provide a brief introduction to activity log plugins. It will also discuss why it’s important to evaluate them before installing one on […]

Calculated Fields Form < 1.0.354 – Authenticated Stored XSS Issues

https://wpvulndb.com/vulnerabilities/10043

Contact Form Clean and Simple <= 4.7.0 – Authenticated Stored XSS

https://wpvulndb.com/vulnerabilities/10042

How to Protect WordPress Site From Arbitrary Code Execution Attacks?

https://blogvault.net/arbitrary-code-execution/
The post How to Protect WordPress Site From Arbitrary Code Execution Attacks? appeared first on BlogVault – The Most Reliable WordPress Backup Plugin.

AccessAlly < 3.3.2 – Arbitrary PHP Execution

https://wpvulndb.com/vulnerabilities/10039

Chatbot with IBM Watson < 0.8.21 – DOM Cross-Site Scripting

https://wpvulndb.com/vulnerabilities/10035