Recent vulnerabilities and exploits

NA
CVE-2017-18543

The invite-anyone plugin before 1.3.16 for WordPress has incorrect access control for email-based invitations....

NA
CVE-2019-15114

The formcraft-form-builder plugin before 1.2.2 for WordPress has CSRF....

NA
CVE-2019-15115

The peters-login-redirect plugin before 2.9.2 for WordPress has CSRF....

NA
CVE-2017-18544

The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF....

NA
CVE-2018-20972

The companion-auto-update plugin before 3.2.1 for WordPress has CSRF....

NA
CVE-2017-18541

The xo-security plugin before 1.5.3 for WordPress has XSS....

NA
CVE-2017-18542

The zendesk-help-center plugin before 1.0.5 for WordPress has multiple XSS issues....

NA
CVE-2015-9323

The 404-to-301 plugin before 2.0.3 for WordPress has SQL injection....

NA
CVE-2017-18547

The nelio-ab-testing plugin before 4.6.4 for WordPress has CSRF in experiment forms....

NA
CVE-2014-10376

The i-recommend-this plugin before 3.7.3 for WordPress has SQL injection....