7Coo

**Name of the Vulnerable Software and Affected Versions** Check & Log Email WordPress plugin versions prior to 1.0.6 **Description** The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitised and escaped before being outputted back in an attribute on an admin page. **Recommendations** For versions prior to 1.0.6, update to version 1.0.6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Call Now Button WordPress plugin versions prior to 1.1.2 **Description** The issue is related to a Reflected Cross-Site Scripting problem. It occurs when a parameter is not properly escaped before being outputted back in an attribute of a hidden input, and this happens when the premium feature is enabled. **Recommendations** For Call Now Button WordPress plugin versions prior to 1.1.2, update to version 1.1.2 or later to resolve the issue. As a temporary workaround, consider disabling the premium feature until the update is applied.