Frissi0N

Name of the Vulnerable Software and Affected Versions: Shabti Kaplan Frontend Admin versions through 3.28.3 Description: An improper neutralization of special elements used in an SQL command vulnerability ('SQL Injection') exists in Shabti Kaplan Frontend Admin by DynamiApps, allowing for blind SQL injection. Recommendations: Update Shabti Kaplan Frontend Admin to a version later than 3.28.3.

**Name of the Vulnerable Software and Affected Versions** Integration for Contact Form 7 and Zoho CRM, Bigin versions 1.3.0 and earlier **Description** The issue is related to Deserialization of Untrusted Data, which allows Object Injection. This is a problem where an application deserializes data from an untrusted source, potentially leading to the execution of malicious code. **Recommendations** For versions 1.3.0 and earlier, update to a version that fixes this issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WPExperts Square For GiveWP plugin for WordPress versions up to, and including, 1.3.1 **Description** The issue allows authenticated attackers with Subscriber-level access and above to perform SQL Injection via the `post` parameter due to insufficient escaping and lack of preparation on the existing SQL query. This enables attackers to extract sensitive information from the database by appending additional SQL queries to existing ones. **Recommendations** For WPExperts Square For GiveWP plugin for WordPress versions up to, and including, 1.3.1, consider restricting access to the `post` parameter in the affected API endpoint until a patch is available. As a temporary workaround, avoid using the `post` parameter in queries to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ravpage plugin for WordPress versions up to, and including, 2.31 **Description** The issue concerns a PHP Object Injection vulnerability via deserialization of untrusted input from the `paramsv2` parameter. This allows unauthenticated attackers to inject a PHP Object. The vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present, it may allow attackers to perform actions like deleting arbitrary files, retrieving sensitive data, or executing code, depending on the POP chain present. **Recommendations** For versions up to, and including, 2.31, consider disabling the deserialization of input from the `paramsv2` parameter until a patch is available. Restrict access to the ravpage plugin to minimize the risk of exploitation. Avoid using the `paramsv2` parameter in the affected plugin until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Live Sales Notification for Woocommerce – Woomotiv plugin for WordPress versions up to, and including, 3.6.1 **Description** The issue is related to SQL Injection via the `woomotiv seen products .*` cookie due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This allows unauthenticated attackers to append additional SQL queries into already existing queries, which can be used to extract sensitive information from the database. **Recommendations** For versions up to, and including, 3.6.1, update to a version later than 3.6.1 to resolve the issue. As a temporary workaround, consider restricting access to the `woomotiv seen products .*` cookie to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Library Management System – Manage e-Digital Books Library plugin for WordPress versions prior to 3.0.1 **Description** The issue is related to SQL Injection via the `owt7 borrow books id` parameter due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This allows authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. **Recommendations** For versions prior to 3.0.1, update to version 3.0.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the `owt7 borrow books id` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** The Beautiful taxonomy filters plugin for WordPress versions up to, and including, 2.4.3 **Description** The issue is related to SQL Injection via the `selects[0][term]` parameter due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This allows unauthenticated attackers to append additional SQL queries into already existing queries, which can be used to extract sensitive information from the database. **Recommendations** For versions up to, and including, 2.4.3, consider disabling the `selects[0][term]` parameter until a patch is available to prevent SQL Injection attacks. Restrict access to sensitive database information to minimize the risk of exploitation. Update to a version that includes a fix for this issue once it becomes available.