The webp-express plugin before 0.14.11 for WordPress has insufficient protection against arbitrary file reading.
CVE-2019-15331PUBLISHED: 2019-08-22The wp-support-plus-responsive-ticket-system plugin before 9.1.2 for WordPress has HTML injection.
CVE-2016-10930PUBLISHED: 2019-08-22The wp-support-plus-responsive-ticket-system plugin before 7.1.0 for WordPress has insecure direct object reference via a ticket number.
CVE-2017-18586PUBLISHED: 2019-08-22The insert-pages plugin before 3.2.4 for WordPress has directory traversal via custom template paths.
CVE-2018-20988PUBLISHED: 2019-08-22The wpgform plugin before 0.94 for WordPress has eval injection in the CAPTCHA calculation.
Support the originator by clicking the read the rest link below.