CVE-2016-10984 (echo_sign) The echosign plugin before 1.2 for WordPress has XSS via the inc.php page parameter. View Full Alert Related Posts CVE-2016-10937IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate. View Full Alert CVE-2016-10761Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack. View Full Alert CVE-2016-10814cPanel before 57.9999.54 allows demo-mode escape via show_template.stor (SEC-119). View Full Alert