Fabian Rosales

Name of the Vulnerable Software and Affected Versions: Adminer version 4.8.1 Description: Adminer 4.8.1, when using Monolog for logging, is susceptible to a Denial of Service (memory consumption) through a crafted serialized payload, resulting in a PHP Object Injection issue. Remote, unauthenticated attackers can trigger this by sending a malicious serialized object, which forces excessive memory usage, rendering the Adminer interface unresponsive and potentially causing a server-level DoS. Multiple simultaneous requests can lead to a complete server crash requiring manual intervention. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** The Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin for WordPress versions up to, and including, 1.4.4 **Description** The issue allows unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own and requires another vulnerability to be present for damage to an affected website. **Recommendations** For versions up to, and including, 1.4.4, update to a version higher than 1.4.4 to resolve the issue.