Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Question Answer allows Reflected XSS. This issue affects Question Answer: from n/a through 1.2.70.

Deserialization of Untrusted Data vulnerability in PickPlugins Question Answer allows Object Injection. This issue affects Question Answer: from n/a through 1.2.70.

Incorrect Privilege Assignment vulnerability in Projectopia Projectopia allows Privilege Escalation. This issue affects Projectopia: from n/a through 5.1.16.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gb-plugins GB Gallery Slideshow allows Reflected XSS. This issue affects GB Gallery Slideshow: from n/a through 1.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in serpednet SERPed.net allows Reflected XSS. This issue affects SERPed.net: from n/a through 4.6.

Unrestricted Upload of File with Dangerous Type vulnerability in solacewp Solace Extra allows Using Malicious Files. This issue affects Solace Extra: from n/a through 1.3.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lee Blue Cart66 Cloud allows Reflected XSS. This issue affects Cart66 Cloud: from n/a through 2.3.7.

Cross-Site Request Forgery (CSRF) vulnerability in DevriX Restrict User Registration allows Stored XSS. This issue affects Restrict User Registration: from n/a through 1.0.1.

Deserialization of Untrusted Data vulnerability in wpWax HelpGent allows Object Injection. This issue affects HelpGent: from n/a through 2.2.4.

Unrestricted Upload of File with Dangerous Type vulnerability in JoomSky JS Job Manager allows Upload a Web Shell to a Web Server. This issue affects JS Job Manager: from n/a through 2.0.2.