Zast.Ai

**Nome do Software Vulnerável e Versões Afetadas** StatCounter – Free Real Time Visitor Stats versões anteriores a 2.1.2 **Description** O plugin está sujeito a Stored Cross-Site Scripting, uma falha onde scripts maliciosos são armazenados permanentemente no servidor alvo. Isso ocorre devido à escape de saída insuficiente do apelido do autor da postagem na função `statcounter addToTags()`. A função, que está vinculada ao `wp head` e é executada em cada página de postagem, recupera o apelido do autor via `the author meta()` e o exibe diretamente em um contexto de string de aspas duplas do JavaScript dentro de um bloco `<script>` sem aplicar `esc js()` ou escape equivalente para contexto JavaScript. Consequentemente, atacantes autenticados com nível de acesso de Autor ou superior podem injetar scripts web arbitrários que serão executados sempre que qualquer usuário, incluindo visitantes não autenticados, acessar uma postagem escrita pelo atacante. **Recommendations** Atualize o plugin para uma versão posterior a 2.1.1. Como medida paliativa temporária, restrinja os usuários de possuírem nível de acesso de Autor ou superior até que a atualização seja aplicada.

**Nome do Software Vulnerável e Versões Afetadas** Splide Carousel Block versões anteriores a 1.7.2 **Description** O plugin Splide Carousel Block para WordPress contém um problema de Cross-Site Scripting Armazenado causado por sanitização de entrada e escape de saída insuficientes. Atacantes autenticados com nível de acesso de contribuidor ou superior podem injetar scripts web arbitrários através do atributo de bloco `url`. Esses scripts são executados quando um usuário acessa a página afetada. Para que a carga útil seja executada para os visitantes do site, a postagem deve primeiro ser aprovada e publicada por um editor ou administrador. **Recommendations** Atualize o plugin para uma versão posterior a 1.7.1. Como mitigação temporária, restrinja a capacidade de usuários com nível de acesso de contribuidor de modificar o atributo de bloco `url`.

**Name of the Vulnerable Software and Affected Versions** ByteDance verl versões anteriores a 0.7.1 **Description** Um problema de sandbox existe na função `math equal()` dentro do arquivo `prime math/grader.py`. Esta falha permite ataques remotos, embora a complexidade seja alta e a explorabilidade seja considerada difícil. **Recommendations** Atualize para uma versão posterior a 0.7.0. Como medida paliativa temporária, considere restringir o uso da função `math equal()` no arquivo `prime math/grader.py`.

Name of the Vulnerable Software and Affected Versions OpenClaw versões até 2026.1.26 Description Uma fraqueza foi identificada no OpenClaw até a versão 2026.1.26, especificamente dentro da funcionalidade `assertPublicHostname Handler` do arquivo `src/agents/tools/web-fetch.ts`. Uma manipulação pode levar a falsificação de solicitação do lado do servidor. O ataque pode ser executado remotamente e é caracterizado por alta complexidade, embora a exploração seja conhecida por ser difícil. O exploit foi disponibilizado publicamente. Recommendations Atualize para a versão 2026.1.29 ou posterior, que inclui o patch b623557a2ec7e271bda003eb3ac33fbb2e218505. Atualize o componente afetado.

**Name of the Vulnerable Software and Affected Versions** elecV2 versions up to 3.8.3 **Description** A flaw exists in elecV2, specifically within the Endpoint component. Manipulation of the `filename` argument in a function related to the `/logs` file can lead to cross-site scripting. This issue is potentially exploitable remotely. The project was notified of the problem but has not yet responded. The exploit has been publicly disclosed. **Recommendations** Versions prior to 3.8.4 should be updated.

**Name of the Vulnerable Software and Affected Versions** elecV2 versions prior to 3.8.4 **Description** A flaw exists in elecV2, specifically in the `pm2run` function within the `/rpc` file. A manipulation of this function can lead to operating system command injection. This issue can be exploited remotely. The exploit has been published. **Recommendations** Update to version 3.8.4 or later. As a temporary workaround, consider restricting access to the `/rpc` file. Avoid using the `pm2run` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** elecV2 versions prior to 3.8.4 **Description** A code injection issue exists in the JSON Parser component due to manipulation of the `rawcode` argument within the `runJSFile` function of the `/webhook` file. Remote exploitation is possible. The project was informed of the issue but has not responded. **Recommendations** Update to version 3.8.4 or later.

**Name of the Vulnerable Software and Affected Versions** elecV2 elecV2P versions through 3.8.3 **Description** A server-side request forgery condition exists due to manipulation of the `req` argument within the `eAxios` function located in the `/mock` file of the URL Handler component. This allows for remote attacks. The project was notified of the issue but has not yet responded. The exploit is publicly available. **Recommendations** Versions prior to 3.8.4 should be updated. Consider temporarily disabling the `eAxios` function until a patch is available. Restrict access to the `/mock` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** elecV2 versions prior to 3.8.4 **Description** A path traversal issue exists due to the manipulation of the `path.join` function within the `/log/` file of the Wildcard Handler component. This allows for remote exploitation. The project was notified of the issue but has not yet responded. The exploit has been publicly disclosed. **Recommendations** Update to version 3.8.4 or later. As a temporary workaround, restrict access to the `/log/` file. Consider disabling the Wildcard Handler component until a patch is available.

**Name of the Vulnerable Software and Affected Versions** elecV2 versions up to 3.8.3 **Description** A flaw exists in the function `path.join` within the file `/store/:key`. Manipulation of the `URL` argument can lead to path traversal, allowing for remote exploitation. The exploit has been publicly disclosed. The project was notified of the issue but has not yet responded. **Recommendations** Versions prior to 3.8.4 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Content Visibility for Divi Builder version 4.01 **Description** A contributor-controlled expression reaches the `eval()` function through real feature paths. More than 2,000 active installations are reported. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** zyddnys manga-image-translator versions through beta-0.3 **Description** A server-side request forgery condition exists in zyddnys manga-image-translator. The issue is located in the `to pil image` function within the `request extraction.py` file of the Translate Endpoints component. This manipulation can lead to server-side request forgery, and the attack can be initiated remotely. The exploit has been publicly disclosed. The project maintainers were notified of the issue but have not yet responded. **Recommendations** Versions prior to beta-0.3 should be used. As a temporary workaround, consider restricting access to the `to pil image()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** elecV2P versions through 3.8.3 **Description** A security issue exists in elecV2P that allows for code injection. The `runJSFile` function within the `wbjs.js` file, part of the `jsfile` Endpoint component, is susceptible to manipulation. This manipulation can lead to remote code execution. The exploit for this issue has been publicly disclosed. The project maintainers were notified of the problem but have not yet responded. **Recommendations** Versions through 3.8.3 should be updated when a fix becomes available. As a temporary workaround, consider disabling the `runJSFile()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Jcharis Machine-Learning-Web-Apps versions prior to a6996b634d98ccec4701ac8934016e8175b60eb5 **Description** A security issue exists in Jcharis Machine-Learning-Web-Apps. The `render template` function within the Jinja2 Template Handler component, located in the file Machine-Learning-Web-Apps-master/Build-n-Deploy-Flask-App-with-Waypoint/app/app.py, is susceptible to cross site scripting. This manipulation can be exploited remotely. The exploit is publicly available. The product utilizes a rolling release model, meaning specific version details for affected and updated releases are unavailable. The project was notified of the issue but has not yet responded. **Recommendations** Versions prior to a6996b634d98ccec4701ac8934016e8175b60eb5: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** xierongwkhd weimai-wetapp versions prior to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2 **Description** A security issue exists in xierongwkhd weimai-wetapp. The `getAdmins` function within the file source-code/src/main/java/com/moke/wp/wx weimai/controller/admin/Admin AdminUserController.java is susceptible to SQL injection. Manipulating the `keyword` argument can trigger this issue. Remote exploitation is possible. The exploit is publicly available. The software utilizes a rolling release model, meaning specific version details for affected or updated releases are not provided. The project maintainers were notified of the problem but have not yet responded. **Recommendations** Versions prior to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2: As a temporary workaround, consider restricting access to the `getAdmins` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** xierongwkhd weimai-wetapp versions up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2 **Description** A flaw exists in xierongwkhd weimai-wetapp. The issue affects the `getLikeMovieList` function within the file source-code/src/main/java/com/moke/wp/wx weimai/controller/HomeController.java of the Endpoint component. Manipulation of the `cat` argument can lead to SQL injection. The attack can be executed remotely. The exploit has been published. The product uses a rolling release model, meaning version information for affected or updated releases is unavailable. The project was notified of the issue but has not responded. **Recommendations** Versions up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Woahai321 ListSync versions up to 0.6.6 **Description** A server-side request forgery issue exists in Woahai321 ListSync. The problem affects the `requests.post` function within the `list-sync-main/api server.py` file, specifically in the JSON Handler component. Manipulation of this function can lead to server-side request forgery, and the attack can be carried out remotely. The exploit has been publicly disclosed. The project maintainers were informed of the issue but have not yet responded. **Recommendations** Versions up to 0.6.6 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LockerProject Locker versions 0.0.0 through 0.1.0 **Description** A security issue exists in LockerProject Locker. The `authIsAwesome` function within the Error Response Handler component, specifically in the file source-code/Locker-master/Ops/registry.js, is susceptible to cross-site scripting. Manipulation of the `ID` argument can lead to this issue. The attack can be initiated remotely. An exploit for this issue has been publicly released. The project maintainers were previously notified of the problem through an issue report but have not yet responded. **Recommendations** Versions 0.0.0 through 0.1.0 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Nome do Software Vulnerável e Versões Afetadas xuxueli xxl-job versões até a 3.3.2 Descrição Uma condição de falsificação de requisição do lado do servidor existe no xuxueli xxl-job. O problema está localizado no arquivo source-code/src/main/java/com/xxl/job/admin/controller/JobInfoController.java, afetando uma função desconhecida. Isso permite ataques remotos. O mantenedor do projeto indicou que é necessária a verificação de segurança do token de acesso para resolver o problema. Recomendações Versões anteriores à 3.3.2 exigem verificação de segurança do token de acesso.

**Name of the Vulnerable Software and Affected Versions** Bytedesk versions up to 1.3.9 **Description** A server-side request forgery condition exists in Bytedesk. The issue is located in the `getModels` function within the `SpringAIOpenrouterRestController` component, specifically in the file source-code/src/main/java/com/bytedesk/ai/springai/providers/openrouter/SpringAIOpenrouterRestService.java. Manipulation of the `apiUrl` argument can lead to server-side request forgery. The exploit has been publicly disclosed. **Recommendations** Upgrade to version 1.4.5.4 to resolve this issue.