Daiki Sato

**Name of the Vulnerable Software and Affected Versions** Music Store - WordPress eCommerce versions prior to 1.1.14 **Description** A SQL injection issue allows a remote authenticated attacker with administrative privileges to execute arbitrary SQL commands, potentially obtaining or altering information stored in the database. **Recommendations** For versions prior to 1.1.14, update to version 1.1.14 or later to resolve the issue. As a temporary workaround, consider restricting administrative access to trusted users until the update is applied.

**Name of the Vulnerable Software and Affected Versions** WP Booking versions prior to 2.4.5 **Description** A cross-site scripting issue exists, allowing an arbitrary script to be executed on the user's web browser if exploited. **Recommendations** For versions prior to 2.4.5, update to version 2.4.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Heateor Social Login WordPress versions prior to 1.1.32 **Description** The issue allows for a cross-site scripting vulnerability. If exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product. **Recommendations** For Heateor Social Login WordPress versions prior to 1.1.32, update to version 1.1.32 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the website to minimize the risk of exploitation.