Artem Polynko

**Name of the Vulnerable Software and Affected Versions** Quiz Organizer plugin for WordPress versions up to and including 2.9.1 **Description** The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows authenticated attackers with administrator-level access to inject arbitrary web scripts in pages, which will execute when a user accesses an injected page. The issue only affects multi-site installations and installations where unfiltered html has been disabled. **Recommendations** For versions up to and including 2.9.1, update to a version that includes the necessary input sanitization and output escaping fixes to prevent Stored Cross-Site Scripting attacks.

**Name of the Vulnerable Software and Affected Versions** WordSurvey plugin for WordPress versions up to, and including, 3.2 **Description** The issue is related to Stored Cross-Site Scripting via the `sounding title` parameter due to insufficient input sanitization and output escaping. This allows authenticated attackers with administrator-level access to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The issue only affects multi-site installations and installations where unfiltered html has been disabled. **Recommendations** For versions up to, and including, 3.2, update to a version that includes the necessary input sanitization and output escaping fixes to prevent Stored Cross-Site Scripting attacks. As a temporary workaround, consider restricting access to the `sounding title` parameter to minimize the risk of exploitation. Additionally, ensure that unfiltered html is enabled, if possible, to mitigate the issue in affected installations.

**Name of the Vulnerable Software and Affected Versions** The Sheet to Table Live Sync for Google Sheet plugin for WordPress versions up to, and including, 1.0.1 **Description** The issue is related to Stored Cross-Site Scripting via the plugin's `STWT Sheet Table` shortcode due to insufficient input sanitization and output escaping on user-supplied attributes. This allows authenticated attackers with contributor-level access and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. **Recommendations** For versions up to, and including, 1.0.1, update to a version that addresses the insufficient input sanitization and output escaping issue. As a temporary workaround, consider restricting access to the `STWT Sheet Table` shortcode to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** VForm plugin for WordPress versions up to, and including, 2.1.5 **Description** The VForm plugin for WordPress is affected by a Stored Cross-Site Scripting issue due to insufficient input sanitization and output escaping. This allows unauthenticated attackers to inject arbitrary web scripts into pages, which will execute when a user accesses the injected page. **Recommendations** For versions up to, and including, 2.1.5, update to a version later than 2.1.5 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Master Currency WP plugin versions up to, and including, 1.1.61 **Description** The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the `currencyconverterform` shortcode. This allows authenticated attackers with contributor-level access and above to inject arbitrary web scripts in pages, which will execute when a user accesses an injected page. **Recommendations** For Master Currency WP plugin versions up to, and including, 1.1.61, update to a version that addresses the insufficient input sanitization and output escaping issue in the `currencyconverterform` shortcode. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** The ParityPress – Parity Pricing with Discount Rules plugin for WordPress versions up to, and including, 1.0.0 **Description** The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping in the 'Discount Text' field. This allows authenticated attackers with administrator-level permissions to inject arbitrary web scripts in pages, which will execute when a user accesses the injected page. The issue only affects multi-site installations and installations where unfiltered html has been disabled. **Recommendations** For versions up to, and including, 1.0.0, update to a version that addresses the insufficient input sanitization and output escaping issue in the 'Discount Text' field to prevent Stored Cross-Site Scripting attacks.

**Name of the Vulnerable Software and Affected Versions** RegLevel plugin for WordPress versions up to, and including, 1.2.1 **Description** The issue allows authenticated attackers with administrator-level permissions and above to inject arbitrary web scripts in pages due to insufficient input sanitization and output escaping in admin settings. This affects multi-site installations and installations where unfiltered html has been disabled, making it possible for injected scripts to execute whenever a user accesses an injected page. **Recommendations** For RegLevel plugin for WordPress versions up to, and including, 1.2.1, update to a version that addresses the insufficient input sanitization and output escaping issue. As a temporary workaround, consider restricting administrator-level permissions to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** The AI ChatBot for WordPress – WPBot plugin for WordPress versions up to, and including, 5.5.7 **Description** The issue is related to Stored Cross-Site Scripting via admin settings due to insufficient input sanitization and output escaping. This allows authenticated attackers with administrator-level permissions and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The issue only affects multi-site installations and installations where unfiltered html has been disabled. **Recommendations** For versions up to, and including, 5.5.7, update to a version that addresses the insufficient input sanitization and output escaping issue to prevent Stored Cross-Site Scripting attacks. As a temporary workaround, consider restricting administrator-level permissions and above, and ensure that unfiltered html is enabled to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** WP Total Branding – Complete branding solution for WordPress plugin versions prior to 1.2 **Description** The issue arises from insufficient input sanitization and output escaping in admin settings, allowing authenticated attackers with administrator-level permissions to inject arbitrary web scripts in pages. This affects multi-site installations and installations where unfiltered html has been disabled, making it possible for injected scripts to execute whenever a user accesses an injected page. **Recommendations** For versions prior to 1.2, update to a version that includes the necessary input sanitization and output escaping fixes to prevent Stored Cross-Site Scripting attacks. As a temporary workaround, consider restricting administrator-level permissions or disabling the vulnerable admin settings until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Custom Dash plugin for WordPress version 1.0.2 and earlier **Description** The Custom Dash plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered html has been disabled. **Recommendations** For versions 1.0.2 and earlier, update to a version later than 1.0.2 to resolve the issue. As a temporary workaround, consider restricting access to admin settings to minimize the risk of exploitation. Additionally, review the configuration of multi-site installations and the status of unfiltered html to assess the potential impact.