Hay Mizrachi

**Name of the Vulnerable Software and Affected Versions** Azure IoT Central (affected versions not specified) **Description** Exposure of sensitive information to an unauthorized actor allows an authorized attacker to elevate privileges over a network. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Azure IoT Explorer (affected versions not specified) **Description** The software transmits sensitive information in cleartext, potentially allowing an unauthorized attacker to disclose information over a network. This impacts the confidentiality of data handled by the application. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Azure IoT Explorer (affected versions not specified) **Description** The software contains a server-side request forgery (SSRF) issue. This allows an unauthorized attacker to perform spoofing over a network. The root cause is insufficient input validation. Exploitation may allow a remote attacker to conduct spoofing attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Azure IoT Explorer (affected versions not specified) **Description** An improper restriction of the communication channel to intended endpoints in Azure IoT Explorer can allow an unauthorized attacker to disclose information over a network. The issue involves insufficient limitation of the communication channel for specified endpoints. Exploitation may allow a remote attacker to reveal protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Azure IoT Explorer (affected versions not specified) **Description** A missing authentication check for a critical function in Azure IoT Explorer can allow an unauthorized attacker to disclose information over a network. The issue involves the transmission of critical information in plain text, potentially enabling a remote attacker to reveal protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Azure IoT SDK (affected versions not specified) **Description** An issue exists where binding to an unrestricted IP address in the Azure IoT SDK can allow an unauthorized attacker to disclose information over a network. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress versions prior to 2.5.1 **Description** The issue is related to insufficient file path validation in the `admin log page()` function, allowing authenticated attackers with Administrator-level access and above to delete arbitrary log files on the server. **Recommendations** For versions up to and including 2.5.0, update to version 2.5.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the `admin log page()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress versions up to, and including, 2.5.0 **Description** The issue allows authenticated attackers with Administrator-level access and above to inject a PHP Object via deserialization of untrusted input from the `form data` parameter. This vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. **Recommendations** For versions up to, and including, 2.5.0, consider disabling the deserialization of untrusted input from the `form data` parameter as a temporary workaround until a patch is available. Restrict access to the plugin's functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress versions up to, and including, 2.5.0 **Description** The issue allows authenticated attackers with Administrator-level access and above to make web requests to arbitrary locations originating from the web application. This can be used to query and modify information from internal services. The vulnerability is related to the `validate file()` function. **Recommendations** For versions up to, and including, 2.5.0, consider disabling the `validate file()` function as a temporary workaround until a patch is available. Restrict access to the plugin's functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress versions up to, and including, 2.5.0 **Description** The issue allows authenticated attackers with Administrator-level access and above to read the contents of arbitrary log files on the server, which can contain sensitive information, via the `download file()` function. **Recommendations** For versions up to, and including, 2.5.0, consider disabling the `download file()` function until a patch is available to prevent exploitation. Restrict access to sensitive log files to minimize the risk of information disclosure.

**Name of the Vulnerable Software and Affected Versions** Export and Import Users and Customers plugin for WordPress versions up to, and including, 2.6.2 **Description** The issue allows authenticated attackers with Administrator-level access and above to make web requests to arbitrary locations originating from the web application. This can be used to query and modify information from internal services via the `validate file()` function. **Recommendations** For Export and Import Users and Customers plugin for WordPress versions up to, and including, 2.6.2, consider disabling the `validate file()` function as a temporary workaround until a patch is available. Restrict access to the plugin's functionality to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Export and Import Users and Customers plugin for WordPress versions up to, and including, 2.6.2 **Description** The issue is related to PHP Object Injection via deserialization of untrusted input from the `form data` parameter. This allows authenticated attackers with Administrator-level access and above to inject a PHP Object. The vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code. **Recommendations** For versions up to, and including, 2.6.2, update to a version that contains a fix for this issue to prevent PHP Object Injection. As a temporary workaround, consider restricting access to the `form data` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Export and Import Users and Customers plugin for WordPress versions prior to 2.6.3 **Description** The issue is related to insufficient file path validation in the `admin log page()` function, allowing authenticated attackers with Administrator-level access and above to delete arbitrary log files on the server. **Recommendations** For versions up to and including 2.6.2, update to a version later than 2.6.2 to resolve the issue. As a temporary workaround, consider restricting access to the `admin log page()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** The Export and Import Users and Customers plugin for WordPress versions up to, and including, 2.6.2 **Description** The issue allows authenticated attackers with Administrator-level access and above to read the contents of arbitrary log files on the server, which can contain sensitive information, via the `download file()` function. **Recommendations** For versions up to, and including, 2.6.2, consider disabling the `download file()` function until a patch is available to prevent exploitation. Restrict access to sensitive log files to minimize the risk of information disclosure.

**Name of the Vulnerable Software and Affected Versions** The Order Export & Order Import for WooCommerce plugin for WordPress versions up to, and including, 2.6.0 **Description** The issue is related to PHP Object Injection via deserialization of untrusted input from the `form data` parameter. This allows authenticated attackers with Administrator-level access and above to inject a PHP Object. The vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. **Recommendations** For versions up to, and including, 2.6.0, update to a version higher than 2.6.0 to resolve the issue. As a temporary workaround, consider restricting access to the `form data` parameter to minimize the risk of exploitation. Additionally, ensure that no other plugins or themes containing a POP chain are installed on the site to prevent potential attacks.

**Name of the Vulnerable Software and Affected Versions** Order Export & Order Import for WooCommerce plugin for WordPress versions up to, and including, 2.6.0 **Description** The issue allows authenticated attackers with Administrator-level access and above to make web requests to arbitrary locations originating from the web application. This can be used to query and modify information from internal services. The vulnerability is related to the `validate file()` function. **Recommendations** For versions up to, and including, 2.6.0, consider updating to a version that fixes this issue, as no specific workaround is provided for these versions. As a temporary workaround, consider restricting access to the `validate file()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** The Order Export & Order Import for WooCommerce plugin for WordPress versions up to, and including, 2.6.0 **Description** The issue is related to insufficient file path validation in the `admin log page()` function, allowing authenticated attackers with Administrator-level access and above to delete arbitrary log files on the server. **Recommendations** For versions up to, and including, 2.6.0, update to a version higher than 2.6.0 to resolve the issue. As a temporary workaround, consider restricting access to the `admin log page()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** The Order Export & Order Import for WooCommerce plugin for WordPress versions up to, and including, 2.6.0 **Description** The issue allows authenticated attackers with Administrator-level access and above to read the contents of arbitrary log files on the server, which can contain sensitive information, via the `download file()` function. **Recommendations** For versions up to, and including, 2.6.0, consider disabling the `download file()` function until a patch is available to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Rate My Post – Star Rating Plugin by FeedbackWP versions up to, and including, 4.2.4 **Description** The issue allows unauthenticated attackers to vote on unpublished scheduled posts due to missing validation on a user-controlled key in the `get post status()` function. This enables attackers to exploit the Insecure Direct Object Reference vulnerability. **Recommendations** For versions up to, and including, 4.2.4, update to a version that includes the necessary validation to prevent exploitation of the Insecure Direct Object Reference vulnerability. As a temporary workaround, consider restricting access to the `get post status()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** ETIC Telecom RAS versions 4.7.0 and prior **Description** The web management portal authentication is disabled by default in the affected versions. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition. **Recommendations** For ETIC Telecom RAS versions 4.7.0 and prior, enable the web management portal authentication to prevent unauthorized access and potential configuration alterations or denial-of-service conditions.