#google

WordPress Page Builder KingComposer plugin version 2.9.5 suffers from an open redirection vulnerability.

WordPress ChurcHope Responsive Themes version 4.7.x suffers from a directory traversal vulnerability.

CMS-Bank Mellat Payment Manager version 1.0.0 suffers from a cross site scripting vulnerability.

CMS TSS-EST version 1.0.0 from a remote SQL injection vulnerability that allows for authentication bypass.

CMS Supported IRF-TH version 2.0.6 suffers from a cross site scripting vulnerability.

Wifi Soft Unibox Administration versions 3.0 and 3.1 suffer from a remote SQL injection vulnerability.

CMS SAUDI SOFTECH version 5.0.2 suffers from a remote SQL injection vulnerability.

CMS NEXIN version 2.0 appears to leave default credentials installed after installation.

CMS Emlak Scripti version 2 suffers from a cross site scripting vulnerability.

Buzzy News Viral Lists Polls and Videos version 2.0 appears to leave default credentials installed after installation.