#firefox

WordPress Duplicator plugin version 3.8.7 appears to leave backups in a world accessible directory under the document root.

CMSctweb Creative version 1.0 suffers from a cross site scripting vulnerability.

CMS Ultimate Solutions DreamSus version 1.4 suffers from a cross site scripting vulnerability.

WordPress Page Builder KingComposer plugin version 2.9.6 suffers from an open redirection vulnerability.

WordPress Image Optimization plugin version 3.8.2 suffers from an open redirection vulnerability.

CMS Ultimate Solutions DreamSus version 1.4 suffers from a remote shell upload vulnerability.

WordPress Page Builder KingComposer plugin version 2.9.5 suffers from an open redirection vulnerability.

WordPress ChurcHope Responsive Themes version 4.7.x suffers from a directory traversal vulnerability.

CMS-Bank Mellat Payment Manager version 1.0.0 suffers from a cross site scripting vulnerability.

CMS TSS-EST version 1.0.0 from a remote SQL injection vulnerability that allows for authentication bypass.