The WordPress plugin User Meta 2.4.3 and below is vulnerable to path traversal exploitation. Both the lite and pro version are exploitable and the solution is to update to version 2.4.4.
The WordPress plugin wpDiscuz version 7.0.4 suffers an arbitrary file upload vulnerability that does not require authentication.
The software Pixelimity version 1.0 suffers from a password CSRF (Cross Site Request Forgery) vulnerability.
The software Roundcube Webmail version 1.2 suffers from a File Disclosure vulnerability.
SonicWall SSL-Virutal Private Network version 18.104.22.168 is vulnerable to “shellshock/visualdoor” RCE (Remote Code Execution) Unauthenticated.
The MyBB Forum plugin Timeline version 1.0 is vulnerable to XSS(Cross site Scripting) and CSRF(Cross Site Request Forgery) attacks.