B4Orvn

**Name of the Vulnerable Software and Affected Versions** ActiveCampaign versions 8.1.16 and earlier **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This enables potential attackers to inject malicious scripts into web pages. **Recommendations** For versions 8.1.16 and earlier, update to a version later than 8.1.16 to resolve the issue. As a temporary workaround, consider restricting user input to prevent malicious script injection until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Accounting for WooCommerce versions 1.6.8 and earlier **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attacks. **Recommendations** For versions 1.6.8 and earlier, update to a version later than 1.6.8 to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the web application to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** AlgolPlus Advanced Dynamic Pricing for WooCommerce versions through 4.9.0 **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables potential attackers to inject malicious scripts into web pages. **Recommendations** For versions through 4.9.0, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WebToffee Wishlist for WooCommerce versions prior to 2.1.3 **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject malicious scripts into the website, potentially leading to unauthorized access or data theft. **Recommendations** For versions prior to 2.1.3, update to version 2.1.3 or later to resolve the issue. As a temporary workaround, consider restricting user input to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Auction Nudge – Your eBay on Your Site versions n/a through 7.2.0 **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attacks. **Recommendations** For versions n/a through 7.2.0, update to a version later than 7.2.0 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Advanced Form Integration versions 1.95.0 and earlier **Description** The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows stored XSS. **Recommendations** For Advanced Form Integration versions 1.95.0 and earlier, update to a version later than 1.95.0 to resolve the issue. As a temporary workaround, consider restricting user input to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** WP Docs versions n/a through 2.2.1 **Description** The issue is related to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting (XSS). This means that an attacker can inject malicious scripts into the website, potentially affecting users who access the compromised page. **Recommendations** For WP Docs versions n/a through 2.2.1, update to a version later than 2.2.1 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.