Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stian Andreassen YouTube SimpleGallery youtube-simplegallery allows Stored XSS.This issue affects YouTube SimpleGallery: from n/a through <= 2.0.6.

Cross-Site Request Forgery (CSRF) vulnerability in bsndev Ultimate Security Checker ultimate-security-checker allows Cross Site Request Forgery.This issue affects Ultimate Security Checker: from n/a through <= 4.2.

Cross-Site Request Forgery (CSRF) vulnerability in Aurélien LWS LWS SMS lws-sms allows Cross Site Request Forgery.This issue affects LWS SMS: from n/a through <= 2.4.1.

Cross-Site Request Forgery (CSRF) vulnerability in forsgren Video Embedder video-embedder allows Stored XSS.This issue affects Video Embedder: from n/a through <= 1.7.1.

Cross-Site Request Forgery (CSRF) vulnerability in PasqualePuzio Login Alert login-alert allows Stored XSS.This issue affects Login Alert: from n/a through <= 0.2.1.

Cross-Site Request Forgery (CSRF) vulnerability in danielmuldernl OmniLeads Scripts and Tags Manager omnileads-scripts-and-tags-manager allows Stored XSS.This issue affects OmniLeads Scripts and Tags Manager: from n/a through <= 1.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in preetindersodhi TGG WP Optimizer tgg-wp-optimizer allows Stored XSS.This issue affects TGG WP Optimizer: from n/a through <= 1.25.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nazmur Rahman Text Selection Color text-selection-color allows Stored XSS.This issue affects Text Selection Color: from n/a through <= 1.6.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cornershop Better Section Navigation Widget better-section-navigation allows Stored XSS.This issue affects Better Section Navigation Widget: from n/a through <= 1.6.1.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Falcon Solutions Duplicate Page and Post duplicate-post-and-page allows Blind SQL Injection.This issue affects Duplicate Page and Post: from n/a through <= 1.0.