Chuang Li

**Name of the Vulnerable Software and Affected Versions** AGIL WordPress plugin versions 1.0 and earlier **Description** The issue allows high-privilege users, such as admins, to upload arbitrary files, including PHP files, by accepting all zip files without validating the extracted file type, leading to remote code execution (RCE). **Recommendations** For AGIL WordPress plugin versions 1.0 and earlier, update to a version that includes a fix for this issue to prevent the upload of arbitrary files. As a temporary workaround, consider restricting the upload of zip files or implementing additional validation for extracted file types to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Scroll Baner WordPress plugin versions 1.0 and earlier **Description** The issue concerns a lack of CSRF check when saving settings, as well as insufficient sanitisation, escaping, or validation of these settings. This could allow attackers to manipulate logged-in admin users into changing settings, potentially leading to Remote Code Execution (RCE) via file upload or Cross-Site Scripting (XSS). **Recommendations** For Scroll Baner WordPress plugin versions 1.0 and earlier, consider disabling the settings saving functionality until a patch is available to prevent potential exploitation. Restrict access to the plugin's settings to minimize the risk of attackers manipulating admin users. Avoid using the plugin until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** The Simple Schools Staff Directory WordPress plugin versions 1.1 and earlier **Description** The issue allows high-privilege users, such as admins, to upload arbitrary files, including PHP files, by not validating uploaded logo pictures to ensure they are indeed images. This can lead to remote code execution (RCE). **Recommendations** For The Simple Schools Staff Directory WordPress plugin versions 1.1 and earlier, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.