Faiyaz Ahmad

#22124 of 53,633
10.4 Total CVSS
Vulnerabilities · 2
Medium · 2

PT-2024-28175 · CVSS 5.0 · 2024-04-16
Smi · Smi-Ex-5414W · CVE-2024-3873

**Name of the Vulnerable Software and Affected Versions**
SMI SMI-EX-5414W versions up to 1.0.03

**Description**
A vulnerability was found in the Web Interface component of the affected software, leading to cross-site request forgery. The manipulation can be initiated remotely.

**Recommendations**
For SMI SMI-EX-5414W versions up to 1.0.03, update to a patched version and review web application security controls to prevent future cross-site request forgery attacks. As a temporary workaround, consider restricting access to the Web Interface to minimize the risk of exploitation.

PT-2023-30700 · CVSS 5.4 · 2023-10-16
WordPress · Wordpress File Upload · CVE-2023-4811

**Name of the Vulnerable Software and Affected Versions**
WordPress File Upload WordPress plugin versions prior to 4.23.3

**Description**
The issue allows high privilege users, such as contributors, to perform Stored Cross-Site Scripting attacks due to the plugin's failure to sanitise and escape some of its settings.

**Recommendations**
For versions prior to 4.23.3, update to version 4.23.3 or later to resolve the issue. As a temporary workaround, consider restricting contributor privileges to minimize the risk of exploitation.