The WP ULike WordPress plugin before 4.7.2.1 does not properly sanitize user display names when rendering on a public page. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
An improper restriction of excessive authentication attempts vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.
An improper certificate validation vulnerability has been reported to affect QuMagie. Rated low severity (CVSS 1.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.