Marcin Probola

**Name of the Vulnerable Software and Affected Versions** searchterms-tagging-2 plugin versions 1.535 and earlier **Description** The issue is related to a Cross-Site Scripting (XSS) vulnerability. It occurs via the `count` parameter in the `wp-admin/options-general.php` API endpoint. This allows for potential malicious script injection. **Recommendations** For searchterms-tagging-2 plugin versions 1.535 and earlier, consider disabling access to the `wp-admin/options-general.php` endpoint until a fix is available. Avoid using the `count` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** pretty-link plugin versions prior to 1.6.8 **Description** The issue concerns SQL injection via the `group` parameter in the `PrliLinksController::list links` function. This allows for potential exploitation. No information is provided about the estimated number of affected devices or real-world incidents. **Recommendations** For versions prior to 1.6.8, update to version 1.6.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the `PrliLinksController::list links` function or avoiding the use of the `group` parameter until the update is applied.

**Name of the Vulnerable Software and Affected Versions** broken-link-manager plugin versions prior to 0.5.0 **Description** The issue concerns SQL injection via the `url` parameter in the `wpslDelURL` or `wpslEditURL` functions. This allows for potential SQL injection attacks. **Recommendations** For versions prior to 0.5.0, update to version 0.5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the `wpslDelURL` and `wpslEditURL` functions to minimize the risk of exploitation. Avoid using the `url` parameter in these functions until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** wti-like-post plugin versions prior to 1.4.3 **Description** The issue concerns SQL injection via the `HTTP CLIENT IP`, `HTTP X FORWARDED FOR`, `HTTP X FORWARDED`, `HTTP FORWARDED FOR`, or `HTTP FORWARDED` variable in the WtiLikePostProcessVote function. **Recommendations** For versions prior to 1.4.3, update to version 1.4.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the WtiLikePostProcessVote function until a patch is available. Avoid using the variables `HTTP CLIENT IP`, `HTTP X FORWARDED FOR`, `HTTP X FORWARDED`, `HTTP FORWARDED FOR`, or `HTTP FORWARDED` in the affected function until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** yet-another-stars-rating plugin versions prior to 0.9.1 **Description** The issue is related to SQL injection via the `set id` parameter in the `yasr get multi set values and field` function. This allows for potential exploitation. No information is provided about the estimated number of affected devices or real-world incidents. **Recommendations** For versions prior to 0.9.1, update to version 0.9.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the `yasr get multi set values and field` function or avoiding the use of the `set id` parameter until the update is applied.

**Name of the Vulnerable Software and Affected Versions** awesome-filterable-portfolio plugin versions prior to 1.9 **Description** The issue is related to SQL injection via the `cat id` parameter in the `afp get new category page` function. This allows for potential exploitation. No information is provided about the estimated number of affected devices or real-world incidents. **Recommendations** For versions prior to 1.9, update to version 1.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the `afp get new category page` function or avoiding the use of the `cat id` parameter until the update is applied.

**Name of the Vulnerable Software and Affected Versions** awesome-filterable-portfolio plugin versions prior to 1.9 **Description** The issue is related to a SQL injection vulnerability via the `item id` parameter in the `afp get new portfolio item page` function. This allows for potential exploitation. **Recommendations** For versions prior to 1.9, update to version 1.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the `afp get new portfolio item page` function or avoiding the use of the `item id` parameter until the update is applied.

**Name of the Vulnerable Software and Affected Versions** booking-system plugin versions prior to 2.1 **Description** The issue concerns a SQL injection vulnerability via the `language` parameter in the `DOPBSPBackEndTranslation::display` function. This allows for potential exploitation. **Recommendations** For versions prior to 2.1, update to version 2.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the `language` parameter in the affected API endpoint until a patch is available.

**Name of the Vulnerable Software and Affected Versions** broken-link-manager plugin version 0.4.5 **Description** The issue concerns a cross-site scripting (XSS) flaw. It is triggered via the `page` parameter in a `delURL` action. **Recommendations** For version 0.4.5, consider disabling the `delURL` action until a patch is available to prevent exploitation of the XSS flaw. Restrict access to the `page` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** smooth-slider plugin versions prior to 2.7 **Description** The issue concerns SQL Injection via the `current slider id` parameter in the `/wp-admin/admin.php?page=smooth-slider-admin` API endpoint. This allows for potential exploitation. No information is provided about the estimated number of affected devices or real-world incidents. **Recommendations** For versions prior to 2.7, update to version 2.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the `/wp-admin/admin.php?page=smooth-slider-admin` API endpoint until the issue is resolved. Avoid using the `current slider id` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** broken-link-manager plugin versions prior to 0.6.0 for WordPress **Description** The issue allows for XSS via the HTTP Referer or User-Agent header to a URL that does not exist. **Recommendations** For versions prior to 0.6.0, update to version 0.6.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** soundcloud-is-gold plugin versions prior to 2.3.2 **Description** The issue concerns a Cross-Site Scripting (XSS) flaw. It is exploited via the `id` parameter in the "wp-admin/admin-ajax.php?action=get soundcloud player" API endpoint. **Recommendations** For versions prior to 2.3.2, update to version 2.3.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the "wp-admin/admin-ajax.php?action=get soundcloud player" API endpoint to minimize the risk of exploitation. Avoid using the `id` parameter in this endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** microblog-poster plugin versions prior to 1.6.2 **Description** The issue allows for SQL Injection via the `account id` parameter in the "wp-admin/options-general.php?page=microblogposter.php" API endpoint. **Recommendations** For versions prior to 1.6.2, update to version 1.6.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the "wp-admin/options-general.php?page=microblogposter.php" endpoint until the update is applied. Avoid using the `account id` parameter in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** addthis plugin versions prior to 5.0.13 **Description** The issue concerns a CSRF vulnerability that can lead to XSS. It is exploited via the "pubid" parameter in the "/wp-admin/options-general.php?page=addthis social widget" API endpoint. **Recommendations** For versions prior to 5.0.13, update to version 5.0.13 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** dynamic-widgets plugin versions prior to 1.5.11 **Description** The issue concerns a CSRF with resultant XSS. It is exploitable via the "page limit" parameter in the "/wp-admin/themes.php?page=dynwid-config" API endpoint. **Recommendations** For versions prior to 1.5.11, update to version 1.5.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the "/wp-admin/themes.php?page=dynwid-config" endpoint until the update is applied. Avoid using the `page limit` parameter in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** crazy-bone plugin versions prior to 0.6.0 for WordPress **Description** The issue is related to a Cross-Site Scripting (XSS) vulnerability, which occurs via the User-Agent HTTP header. This allows for potential malicious script injection, affecting the security of the system. **Recommendations** For versions prior to 0.6.0, update to version 0.6.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the User-Agent HTTP header until the update is applied.

**Name of the Vulnerable Software and Affected Versions** manual-image-crop plugin before version 1.11 for WordPress **Description** The issue concerns a CSRF with resultant XSS in the manual-image-crop plugin for WordPress. This occurs via the "wp-admin/admin-ajax.php?action=mic editor window" API endpoint, specifically through the `postId` parameter. **Recommendations** For versions prior to 1.11, update to version 1.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the "wp-admin/admin-ajax.php?action=mic editor window" API endpoint to minimize the risk of exploitation. Avoid using the `postId` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** wordpress-meta-robots plugin versions through 2.1 **Description** The issue concerns a text SQL injection in the `wp-admin/post-new.php` page of the wordpress-meta-robots plugin for WordPress. **Recommendations** For wordpress-meta-robots plugin versions through 2.1, update to a version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** gocodes plugin for WordPress versions through 1.3.5 **Description** The issue concerns a SQL injection vulnerability in the gocodes plugin for WordPress, specifically affecting the `wp-admin/tools.php` endpoint with the `gcid` parameter. This allows for potential SQL injection attacks. **Recommendations** For versions through 1.3.5, update to a version later than 1.3.5 to resolve the issue. As a temporary workaround, consider restricting access to the `wp-admin/tools.php` endpoint until a patch is available. Avoid using the `gcid` parameter in the affected endpoint until the issue is resolved.