CVE-2015-9304 The ultimate-member plugin before 1.3.18 for WordPress has XSS via text input. View Full Alert Related Posts CVE-2015-6960edx-platform before 2015-09-17 allows XSS via a team name. View Full Alert CVE-2015-6253edx-platform before 2015-08-17 allows XSS in the Studio listing of courses. View Full Alert CVE-2015-3907CodeIgniter Rest Server (aka codeigniter-restserver) 2.7.1 allows XXE attacks. View Full Alert