An Đặng

**Name of the Vulnerable Software and Affected Versions** Smush plugin for WordPress (affected versions not specified) **Description** The issue is related to a missing capability check on the `delete resmush list()` function, allowing authenticated attackers with minimal permissions, such as a subscriber, to delete the resmush list for Nextgen or the Media Library. This enables unauthorized deletion of the resmush list. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MStore API plugin for WordPress versions up to, and including, 4.10.7 **Description** The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege Escalation due to improper implementation of the Apple login feature. This allows unauthenticated attackers to log in as any user as long as they know the user's email address. The issue was escalated to the plugin's team 30 days ago, but a patch has not yet been released. **Recommendations** For versions up to, and including, 4.10.7, consider disabling the Apple login feature until a patch is available to prevent unauthorized account access and privilege escalation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MStore API plugin for WordPress versions up to, and including, 4.0.1 **Description** The issue allows unauthenticated attackers to perform Blind SQL Injection via the `id` parameter due to insufficient escaping on user-supplied parameters and lack of sufficient preparation on the existing SQL query. This enables attackers to append additional SQL queries into already existing queries, which can be used to extract sensitive information from the database. **Recommendations** For versions up to, and including, 4.0.1, update to a version higher than 4.0.1 to resolve the issue. As a temporary workaround, consider restricting access to the `id` parameter in the affected API endpoint until a patch is available.