Ahmad Salem

**Name of the Vulnerable Software and Affected Versions** Pretty Google Calendar plugin for WordPress versions prior to 2.0.1 **Description** The Pretty Google Calendar plugin for WordPress is susceptible to unauthorized data access. This is due to a missing capability check within the `pgcal ajax handler()` function. This allows unauthenticated attackers to retrieve the Google API key configured in the plugin settings. **Recommendations** Update to version 2.0.1 or later.

**Name of the Vulnerable Software and Affected Versions** ACF Flexible Layouts Manager plugin for WordPress versions up to and including 1.1.6 **Description** The ACF Flexible Layouts Manager plugin for WordPress has a flaw that allows unauthorized modification of data. This is due to a missing capability check within the `acf flm update template with pasted layout()` function. This allows unauthenticated attackers to update custom field values on individual posts and pages. **Recommendations** Update the ACF Flexible Layouts Manager plugin to a version later than 1.1.6.

**Name of the Vulnerable Software and Affected Versions** Hydra Booking — Appointment Scheduling & Booking Calendar plugin for WordPress versions prior to 1.1.28 **Description** The Hydra Booking plugin for WordPress is susceptible to unauthorized booking cancellations. This is caused by the use of predictable values in generating booking cancellation tokens and a globally shared nonce within the `tfhb meeting form submit callback` function. An unauthenticated attacker can cancel bookings by conducting brute-force attacks against the `tfhb meeting form cencel` API endpoint. **Recommendations** Update the Hydra Booking plugin to version 1.1.28 or later.

**Name of the Vulnerable Software and Affected Versions** Hydra Booking — Appointment Scheduling & Booking Calendar plugin for WordPress versions prior to 1.1.28 **Description** The Hydra Booking plugin for WordPress has a flaw where payment verification is absent, allowing unauthenticated users to bypass payment requirements. This occurs because the plugin accepts payment confirmation data provided by the client in the `tfhb meeting paypal payment confirmation callback` function without validating it with the PayPal API. This enables attackers to confirm bookings as paid without completing an actual payment. **Recommendations** Update the Hydra Booking plugin to version 1.1.28 or later.

**Name of the Vulnerable Software and Affected Versions** Easy Upload Files During Checkout plugin for WordPress versions prior to 2.9.9 **Description** The Easy Upload Files During Checkout plugin for WordPress is susceptible to arbitrary JavaScript file uploads because of a lack of file type validation within the `file during checkout` function. This allows unauthenticated attackers to upload arbitrary JavaScript files to the server, potentially leading to remote code execution. **Recommendations** Update the Easy Upload Files During Checkout plugin to version 2.9.9 or later.