4Lec4St

**Name of the Vulnerable Software and Affected Versions** Easy PayPal Events & Tickets plugin for WordPress versions 1.3 and earlier **Description** A hardcoded authentication bypass exists in the QR code scanning functionality. Unauthenticated remote attackers can bypass hash verification by providing 'test' as the value for the `hash` parameter. By accessing the 'add wpeevent button qr' endpoint, attackers can retrieve sensitive order details, including PayPal transaction IDs, customer email addresses, purchase amounts, and ticket information, provided they have a known or guessed post ID. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Easy PayPal Events & Tickets plugin for WordPress versions 1.3 and earlier **Description** An information disclosure issue exists in the QR code scanning endpoint. Unauthenticated attackers can enumerate and retrieve all customer order records by iterating over sequential WordPress post IDs through the 'scan qr.php' endpoint, allowing them to harvest the complete set of orders stored in the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Featured Image from Content WordPress plugin versions prior to 1.7 **Description** The Featured Image from Content WordPress plugin has a server-side request forgery issue. Users with Author-level access can retrieve internal HTTP resources. This is due to insecure URL fetching and file write operations, which allow attackers to obtain sensitive internal data and save it to publicly accessible upload directories. **Recommendations** Update to Featured Image from Content WordPress plugin version 1.7 or later.