Bibek Dhakal

**Name of the Vulnerable Software and Affected Versions** Stylemix MasterStudy LMS versions through 3.6.20 **Description** A flaw exists in Stylemix MasterStudy LMS that allows for the retrieval of embedded sensitive data, potentially exposing sensitive system information to unauthorized access. **Recommendations** Update Stylemix MasterStudy LMS to a version later than 3.6.20.

**Name of the Vulnerable Software and Affected Versions** WP Attractive Donations System versions prior to 1.29 **Description** A Cross-Site Request Forgery (CSRF) issue exists in loopus WP Attractive Donations System, which also allows Stored Cross-Site Scripting (XSS). The issue affects the WP Attractive Donations System plugin. **Recommendations** Update WP Attractive Donations System to version 1.29 or later.

**Name of the Vulnerable Software and Affected Versions** MasterStudy LMS versions through 3.6.20 **Description** An authorization issue exists in Stylemix MasterStudy LMS, allowing exploitation of incorrectly configured access control security levels. **Recommendations** Update MasterStudy LMS to a version later than 3.6.20.

**Name of the Vulnerable Software and Affected Versions** MasterStudy LMS versions through 3.6.20 **Description** A race condition exists due to concurrent execution using a shared resource with improper synchronization. This allows leveraging race conditions within the software. **Recommendations** Update MasterStudy LMS to a version later than 3.6.20.