Giongfnef

**Name of the Vulnerable Software and Affected Versions** LadiApp plugin for WordPress versions up to and including 4.3 **Description** The issue allows unauthorized modification of data due to a missing capability check on the `init endpoint()` function. This enables unauthenticated attackers to modify various settings, including the `ladipage key`, which can be used to create new posts on the website and inject malicious web scripts. **Recommendations** For versions up to and including 4.3, update to a version that includes a fix for the missing capability check on the `init endpoint()` function. As a temporary workaround, consider disabling the `init endpoint()` function until a patch is available. Restrict access to the `ladipage key` setting to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** LadiApp plugin for WordPress versions up to, and including, 4.4 **Description** The issue is related to a missing nonce check on the `init endpoint()` function, which is hooked via 'init'. This allows unauthenticated attackers to modify various settings by tricking a site administrator into performing an action, such as clicking on a link. An attacker can directly modify the `ladipage key`, enabling them to create new posts on the website and inject malicious web scripts. **Recommendations** For versions up to, and including, 4.4, consider disabling the `init endpoint()` function until a patch is available to prevent exploitation. Restrict access to the `ladipage key` to minimize the risk of unauthorized modifications. Avoid using the `ladipage key` in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LadiApp plugin for WordPress versions up to, and including, 4.3 **Description** The issue is related to a missing capability check on the `ladiflow save hook()` function, allowing authenticated attackers with subscriber-level access and above to update the `ladiflow hook configs` option. This enables unauthorized modification of data. **Recommendations** For versions up to, and including, 4.3, consider disabling the `ladiflow save hook()` function until a patch is available to prevent unauthorized data modification. Restrict access to the `ladiflow hook configs` option to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** LadiApp plugin for WordPress versions up to, and including, 4.4 **Description** The issue allows unauthorized modification of data due to a missing capability check on the `save config()` function. This makes it possible for authenticated attackers with subscriber-level access and above to update the `ladipage config` option. **Recommendations** For versions up to, and including, 4.4, consider disabling the `save config()` function until a patch is available to prevent unauthorized modification of data. Restrict access to the `ladipage config` option to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** LadiApp plugin for WordPress versions up to, and including, 4.4 **Description** The issue is related to a missing nonce check on the `ladiflow save hook()` function, making it possible for unauthenticated attackers to update the `ladiflow hook configs` option via a forged request. This can be achieved if an attacker can trick a site administrator into performing an action, such as clicking on a link. **Recommendations** For versions up to, and including, 4.4, update to a version that includes a fix for the missing nonce check on the `ladiflow save hook()` function. As a temporary workaround, consider disabling the `ladiflow save hook()` function until a patch is available. Restrict access to the `ladiflow hook configs` option to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** LadiApp plugin for WordPress versions up to, and including, 4.3 **Description** The issue is related to a missing nonce check on the `save config()` function, making it possible for unauthenticated attackers to update the `ladipage config` option via a forged request. This can be achieved if an attacker can trick a site administrator into performing an action, such as clicking on a link. **Recommendations** For versions up to, and including, 4.3, update to a version that includes a fix for the missing nonce check on the `save config()` function. As a temporary workaround, consider disabling the `save config()` function until a patch is available. Restrict access to the `ladipage config` option to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** LadiApp plugin for WordPress versions up to, and including, 4.4 **Description** The issue arises from a missing capability check on the `publish lp()` function, which is hooked via an AJAX action. This allows authenticated attackers with subscriber-level access and above to modify data, including changing the LadiPage key. As a result, attackers can create new pages, potentially triggering stored XSS. **Recommendations** For versions up to, and including, 4.4, update to a version that includes a fix for this issue to prevent unauthorized modification of data. As a temporary workaround, consider disabling the `publish lp()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** LadiApp plugin for WordPress versions up to, and including, 4.4 **Description** The issue is related to a missing nonce check on the `publish lp()` function, which is hooked via an AJAX action. This allows unauthenticated attackers to change the LadiPage key, enabling them to create new pages, including those that trigger stored XSS via a forged request, if they can trick a site administrator into performing a certain action, such as clicking on a link. **Recommendations** For versions up to, and including, 4.4, consider disabling the `publish lp()` function until a patch is available to prevent exploitation. Restrict access to the AJAX action hooked by the `publish lp()` function to minimize the risk of exploitation. Avoid using the LadiApp plugin until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Clarity plugin for WordPress versions up to, and including, 0.9.3 **Description** The issue is related to Cross-Site Request Forgery due to missing nonce validation on the `edit clarity project id()` function. This allows unauthenticated attackers to change the project id and add malicious JavaScript via a forged request, provided they can trick a site administrator into performing a specific action, such as clicking on a link. **Recommendations** For versions up to, and including, 0.9.3, update to a version that includes nonce validation for the `edit clarity project id()` function to prevent Cross-Site Request Forgery attacks. As a temporary workaround, consider restricting access to the `edit clarity project id()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** WP EXtra plugin for WordPress versions up to, and including, 6.2 **Description** The issue allows authenticated attackers with subscriber-level permissions and above to modify the contents of the .htaccess files located in a site's root directory or /wp-content and /wp-includes folders, potentially achieving remote code execution. This is due to a missing capability check on the `register()` function. **Recommendations** For WP EXtra plugin for WordPress versions up to, and including, 6.2, update to a version that includes a fix for the missing capability check on the `register()` function to prevent unauthorized modification of data. As a temporary workaround, consider restricting access to the `register()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** vBulletin versions 5.7.5 through 6.0.0 **Description** A cross-site scripting (XSS) vulnerability in the Admin Control Panel of vBulletin allows attackers to execute arbitrary web scripts or HTML via the "/login.php?do=login" url parameter. **Recommendations** For versions 5.7.5 and 6.0.0, as a temporary workaround, consider restricting access to the "/login.php?do=login" endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.