Jeong Seong Ho

**Name of the Vulnerable Software and Affected Versions** Zippy versions through 1.6.5 **Description** The issue is related to a deserialization of untrusted data vulnerability. This can allow a remote attacker to execute arbitrary code or cause a denial of service. **Recommendations** For versions through 1.6.5, update to a version that fixes the deserialization vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Jeffrey-WP Media Library Categories plugin versions <= 2.0.0 **Description** The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that affects the Jeffrey-WP Media Library Categories plugin. This vulnerability requires authentication with admin+ privileges. **Recommendations** For versions <= 2.0.0, update to a version higher than 2.0.0 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Easy Media Replace plugin versions prior to 0.1.4 **Description** The issue is related to Broken Access Control, allowing Arbitrary File Deletion. **Recommendations** For Easy Media Replace plugin versions prior to 0.1.4, update to version 0.1.4 or later to resolve the issue.