Fioravante Souza

**Name of the Vulnerable Software and Affected Versions** Royal Elementor Addons and Templates versions prior to 1.3.79 **Description** The issue is related to unlimited file upload of dangerous types. Exploitation of this issue may allow a remote attacker to execute arbitrary code by uploading a specially crafted PHP file. Unauthenticated users can upload arbitrary files, such as PHP, which could lead to remote code execution. Over 46K attacks have been blocked in a month, indicating the severity of the issue. **Recommendations** For versions prior to 1.3.79, update to version 1.3.79 to protect the WordPress website and perform website cleanup to remove malicious files. As a temporary workaround, consider restricting access to the file upload functionality until the issue is resolved. Avoid using the vulnerable plugin until the issue is fixed by updating to the latest version. At the moment, there is no other information about additional mitigation measures.

**Name of the Vulnerable Software and Affected Versions** Gravity Forms WordPress plugin versions prior to 2.7.5 **Description** The issue is related to Reflected Cross-Site Scripting, which occurs because the plugin does not properly escape generated URLs before outputting them in attributes. This could be exploited against high-privileged users, such as administrators. **Recommendations** For versions prior to 2.7.5, update to version 2.7.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Add to Feedly WordPress plugin versions 1.2.11 and earlier **Description** The issue allows high-privilege users, such as admins, to perform Cross-Site Scripting attacks. This is possible because the plugin does not properly sanitize and escape its settings, even when the unfiltered html capability is disallowed. **Recommendations** For Add to Feedly WordPress plugin versions 1.2.11 and earlier, update to a version that properly sanitizes and escapes its settings to prevent Cross-Site Scripting attacks.

**Name of the Vulnerable Software and Affected Versions** Listingo WordPress theme versions prior to 3.2.7 **Description** The issue concerns the lack of file validation for uploads via an AJAX action that is accessible to unauthenticated users. This could allow attackers to upload arbitrary files, potentially leading to remote code execution (RCE). **Recommendations** For Listingo WordPress theme versions prior to 3.2.7, update to version 3.2.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the AJAX upload action to authenticated users only.

Name of the Vulnerable Software and Affected Versions: Patreon WordPress plugin versions prior to 1.7.0 Description: A Local File Disclosure issue was identified in the Patreon WordPress plugin that could be exploited by anyone visiting the site, potentially leading to the leakage of important internal files such as wp-config.php, which contains database credentials and cryptographic keys used for nonces and cookies generation. Recommendations: For versions prior to 1.7.0, update to version 1.7.0 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Patreon WordPress plugin versions prior to 1.7.0 Description: A Cross-Site Request Forgery issue was identified, allowing attackers to make a logged administrator disconnect the site from Patreon by visiting a specially crafted link. Recommendations: For versions prior to 1.7.0, update to version 1.7.0 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Patreon WordPress plugin versions prior to 1.7.2 Description: A Reflected Cross-Site Scripting issue was identified in the Login Form of the Patreon WordPress plugin. The plugin hooks into the WordPress login form, allowing users to authenticate using their Patreon account. However, error logging logic allowed user-controlled input to be reflected on the login page without proper sanitization. Recommendations: For versions prior to 1.7.2, update to version 1.7.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the login form until the update is applied.

Name of the Vulnerable Software and Affected Versions: Patreon WordPress plugin versions prior to 1.7.2 Description: A Reflected Cross-Site Scripting issue was identified in the Patreon WordPress plugin. The issue is related to the `patreon save attachment patreon level` AJAX action, which is used to update the pledge level required by Patreon subscribers to access a given attachment. This action is accessible to user accounts with the `manage options` privilege, meaning only administrators can access it. The risk arises from a parameter not being sanitized before being printed back to the user. Recommendations: For versions prior to 1.7.2, update to version 1.7.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `patreon save attachment patreon level` AJAX action to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Patreon WordPress plugin versions prior to 1.7.0 Description: A Cross-Site Request Forgery issue allows attackers to make a logged-in user overwrite or create arbitrary user metadata on the victim's account. This can be used to overwrite the `wp capabilities` meta, which contains the affected user account's roles and privileges, potentially locking them out of the site and blocking access to paid content. Recommendations: For versions prior to 1.7.0, update to version 1.7.0 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive user metadata to minimize the risk of exploitation.