Colette Chamberland

**Name of the Vulnerable Software and Affected Versions** 99 Robots WP Background Takeover Advertisements plugin versions prior to 4.1.5 **Description** The issue concerns a Directory Traversal vulnerability. It can be exploited via a .. in the `filename` parameter in the exports/download.php file. **Recommendations** For versions prior to 4.1.5, update to version 4.1.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the exports/download.php file until the update is applied. Avoid using the `filename` parameter with .. in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** WP Security Audit Log plugin version 3.1.1 **Description** An issue was discovered in the WP Security Audit Log plugin where access to files in the wp-content/uploads/wp-security-audit-log/* directory is not restricted. This allows these files to be indexed by search engines like Google, potentially exposing sensitive information to attackers. **Recommendations** For WP Security Audit Log plugin version 3.1.1, consider restricting access to the wp-content/uploads/wp-security-audit-log/* directory to prevent sensitive information from being exposed.

**Name of the Vulnerable Software and Affected Versions** AccessKeys AccessPress Anonymous Post Pro plugin versions through 3.1.9 **Description** The issue is related to improper input sanitization, allowing an attacker to override settings for allowed file extensions and upload file size. This is due to vulnerabilities in the inc/cores/file-uploader.php and file-uploader/file-uploader-class.php files. An attacker can upload any file to the server, including .php files, by sending a request to the "action=ap file upload action&allowedExtensions[]=php" endpoint at "/wp-admin/admin-ajax.php", resulting in PHP code execution. **Recommendations** For AccessKeys AccessPress Anonymous Post Pro plugin versions through 3.1.9, update to a version later than 3.1.9 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** UserPro plugin for WordPress versions prior to 4.9.17.1 **Description** The issue allows remote attackers to bypass authentication and obtain administrative access. This can be achieved by setting the `up auto log` parameter in the QUERY STRING to 'true' when accessing the default URI. **Recommendations** For versions prior to 4.9.17.1, update to version 4.9.17.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the default URI or disabling the `up auto log` parameter to minimize the risk of exploitation.