Ethicalhack3R

**Name of the Vulnerable Software and Affected Versions** Frontend File Manager versions prior to 4.0 N-Media Post Front-end Form versions prior to 1.1 **Description** The issue allows unauthenticated attackers to upload arbitrary files on the server due to missing file type validation via the `nm filemanager upload file` and `nm postfront upload file` AJAX actions, potentially making remote code execution possible. **Recommendations** For Frontend File Manager versions prior to 4.0, update to version 4.0 or later to resolve the issue. For N-Media Post Front-end Form versions prior to 1.1, update to version 1.1 or later to resolve the issue. As a temporary workaround, consider disabling the `nm filemanager upload file` and `nm postfront upload file` AJAX actions until a patch is available.

**Name of the Vulnerable Software and Affected Versions** ClickBank Affiliate Ads WordPress plugin versions 1.20 and earlier **Description** The issue arises from the lack of a CSRF check when saving settings, allowing an attacker to manipulate a logged-in admin into changing them via a CSRF attack. Additionally, the lack of escaping when outputting settings can lead to Stored Cross-Site Scripting issues. **Recommendations** For ClickBank Affiliate Ads WordPress plugin versions 1.20 and earlier, update to a version that includes a CSRF check and proper escaping of output settings to prevent these issues. As a temporary workaround, consider restricting access to the settings page to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** WP Attachment Export WordPress plugin versions prior to 0.2.4 **Description** The issue concerns a lack of proper access controls, allowing unauthenticated users to download XML data containing details of attachments and posts on a WordPress site. **Recommendations** For WP Attachment Export WordPress plugin versions prior to 0.2.4, update to version 0.2.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Swim Team plugin version 1.44.10777 **Description** The issue allows remote attackers to read arbitrary files via a full pathname in the `file` parameter in the include/user/download.php file. **Recommendations** For Swim Team plugin version 1.44.10777, consider restricting access to the include/user/download.php file until a patch is available. Avoid using the `file` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** WordPress version 3.5.1 **Description** The issue allows remote attackers to cause a denial of service, specifically CPU consumption, by providing a crafted value of a certain `wp-postpass` cookie when a password-protected post exists. **Recommendations** For WordPress version 3.5.1, update to a newer version to mitigate the risk of CPU consumption denial of service attacks.