
Alessio Santoru

#15872 of 53,632
Total CVSS: 17
Vulnerabilities · 2
High: 1
Critical: 1
PT-2022-19372 · CVSS 7.2 · 2022-09-26
WordPress · Ninja Forms Contact Form · CVE-2022-2903

**Name of the Vulnerable Software and Affected Versions**
Ninja Forms Contact Form WordPress plugin versions prior to 3.6.13

**Description**
The issue arises from the unserialization of the content of an imported file, potentially leading to PHP object injections when an admin imports a malicious file and a suitable gadget chain is present on the blog. This could occur intentionally or unintentionally.

**Recommendations**
For versions prior to 3.6.13, update to version 3.6.13 or later to resolve the issue. As a temporary workaround, consider restricting file imports to trusted sources and avoiding the import of files from unverified locations.

PT-2018-6543 · CVSS 9.8 · 2018-02-06
Acme · Thttpd · CVE-2017-17663

Name of the Vulnerable Software and Affected Versions:
- mini httpd versions prior to 1.28
- thttpd versions prior to 2.28

Description:
The issue is related to a buffer overflow in the htpasswd implementation, which can be exploited remotely to perform code execution.

Recommendations:
- For mini httpd versions prior to 1.28, update to version 1.28 or later.
- For thttpd versions prior to 2.28, update to version 2.28 or later.