20Kilograma

Name of the Vulnerable Software and Affected Versions: Asgaros Forum versions 3.0.0 and earlier Description: The issue allows Identity Spoofing through an Authentication Bypass by Spoofing vulnerability. Recommendations: For Asgaros Forum versions 3.0.0 and earlier, update to a version that fixes this issue, as no specific workaround is provided in the given information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Simple:Press versions through 6.10.11 **Description** The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. **Recommendations** For versions through 6.10.11, update to a version that contains a fix for this issue, as the current version is affected by the Missing Authorization vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Simple:Press Forum plugin for WordPress versions prior to 6.10.12 **Description** The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the `sp save edited post` function. This allows unauthenticated attackers to modify a forum post via a forged request if they can trick a site administrator into performing a specific action. **Recommendations** For versions prior to 6.10.12, update to version 6.10.12 or later to resolve the issue. As a temporary workaround, consider restricting access to the `sp save edited post` function to minimize the risk of exploitation.