Brian Mungai

**Name of the Vulnerable Software and Affected Versions** Asgaros Forum plugin for WordPress versions prior to 3.2.2 **Description** The software is susceptible to Cross-Site Request Forgery (CSRF). This is caused by a lack of nonce validation within the `set subscription level()` function. An unauthenticated attacker can potentially modify the subscription settings of logged-in users by tricking them into performing an action, such as clicking a malicious link. **Recommendations** Update to version 3.2.2 or later.

**Name of the Vulnerable Software and Affected Versions** EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress versions up to and including 4.2.0.0 **Description** The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is susceptible to unauthorized booking note creation. This is due to a missing capability check within the `booking add notes()` function. Authenticated attackers possessing Subscriber-level access or higher can add a note to the backend view of any booking. **Recommendations** Update EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress to a version later than 4.2.0.0.

**Name of the Vulnerable Software and Affected Versions** bbPress plugin for WordPress versions prior to 2.6.12 **Description** The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the `bbp user add role on register()` function. This allows unauthenticated attackers to elevate their privileges to that of a bbPress Keymaster by tricking a site administrator into performing an action, such as clicking on a link. The vulnerability is mitigated by removing the ability to select a role during registration, rather than implementing a nonce check. **Recommendations** For versions prior to 2.6.12, update to version 2.6.12 or later, which no longer allows role selection during registration, thus mitigating the issue.

**Name of the Vulnerable Software and Affected Versions** Wp Social Login and Register Social Counter plugin for WordPress versions up to and including 3.1.0 **Description** The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the `counter access key setup()` function. This allows unauthenticated attackers to update social login provider settings by tricking a site administrator into performing an action, such as clicking on a link. **Recommendations** For Wp Social Login and Register Social Counter plugin for WordPress versions up to and including 3.1.0, consider disabling the `counter access key setup()` function until a patch is available to prevent exploitation. Restrict access to social login provider settings to minimize the risk of unauthorized updates.

**Name of the Vulnerable Software and Affected Versions** The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress versions up to, and including, 1.3.2 **Description** The issue is related to unauthorized loss of data due to a missing capability check on the `delete user review()` and `delete review()` functions. This allows authenticated attackers with Subscriber-level access and above to delete other users' reviews. **Recommendations** For versions up to, and including, 1.3.2, consider disabling the `delete user review()` and `delete review()` functions until a patch is available to prevent unauthorized deletion of user reviews. Restrict access to these functions to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress versions up to and including 3.12.9 **Description** The issue is related to stored cross-site scripting, which occurs due to insufficient input sanitization and output escaping of various user meta parameters. This allows unauthenticated attackers to inject arbitrary web scripts into pages, which will execute when a user accesses an injected page and clicks a link to show user meta. **Recommendations** For versions up to and including 3.12.9, update to a version higher than 3.12.9 to resolve the issue. As a temporary workaround, consider restricting access to user meta parameters until a patch is available.