Hir0Ot

**Name of the Vulnerable Software and Affected Versions** Everest Forms plugin for WordPress versions up to, and including, 2.0.7 **Description** The issue allows unauthenticated attackers to make web requests to arbitrary locations originating from the web application. This can be used to query and modify information from internal services via the `font url` parameter. **Recommendations** For versions up to, and including, 2.0.7, consider restricting access to the `font url` parameter to minimize the risk of exploitation. As a temporary workaround, avoid using the `font url` parameter in the affected plugin until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LearnPress plugin for WordPress versions up to, and including, 4.2.5.7 **Description** The issue is related to time-based SQL Injection via the `order by` parameter due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This allows unauthenticated attackers to append additional SQL queries into already existing queries, which can be used to extract sensitive information from the database. **Recommendations** For versions up to, and including, 4.2.5.7, update to a version later than 4.2.5.7 to resolve the issue. As a temporary workaround, consider restricting access to the `order by` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** LearnPress plugin for WordPress versions up to, and including, 4.2.5.7 **Description** The issue is related to the LearnPress plugin for WordPress, which is vulnerable to command injection in all versions up to, and including, 4.2.5.7. This vulnerability is due to the plugin's use of the `call user func` function with user input through the `get content` function. As a result, unauthenticated attackers can execute any public function with one parameter, potentially leading to remote code execution. **Recommendations** For versions up to, and including, 4.2.5.7, update to a version later than 4.2.5.7 to resolve the issue. As a temporary workaround, consider disabling the `get content` function until a patch is available. Restrict access to the `call user func` function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Voltronic Power ViewPower (affected versions not specified) **Description** This issue allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this issue. The specific flaw exists within the `MonitorConsole` class, resulting from an exposed dangerous method. An attacker can leverage this issue to execute code in the context of the current user. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Voltronic Power ViewPower Pro (affected versions not specified) **Description** The issue is related to the selectDeviceListBy method of the Voltronic Power ViewPower Pro software, which does not properly validate user-supplied input for SQL queries. This allows remote attackers to execute arbitrary SQL queries and potentially arbitrary code on affected installations without requiring authentication. The flaw exists due to the lack of proper validation of a user-supplied string before using it to construct SQL queries, enabling an attacker to leverage this vulnerability to execute code in the context of LOCAL SERVICE. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress versions up to, and including, 18.5.9 **Description** The issue is related to Local File Inclusion, which allows an unauthenticated attacker to include and execute PHP files on the server via the `render action template` parameter. This enables the execution of any PHP code in those files. The vulnerability is associated with incorrect external control of the file name or path. It is estimated that over 50,000 sites are affected. **Recommendations** For versions up to, and including, 18.5.9, update to a version that fixes this issue. As a temporary workaround, consider disabling the `render action template` parameter until a patch is available. Restrict access to the `setTemplate()`, `renderPhp()`, and `path join()` functions to minimize the risk of exploitation. Avoid using the `render action template` parameter in the affected plugin until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Delta Electronics InfraSuite Device Master version 1.0.7 **Description** The issue is related to the use of dangerous methods or functions in the software, allowing a remote attacker to execute arbitrary code by sending a specially crafted UDP packet. This can be achieved through a single UDP packet, enabling an unauthenticated attacker to perform the exploit. **Recommendations** For Delta Electronics InfraSuite Device Master version 1.0.7, consider disabling the vulnerable function or restricting access to the affected module until a patch is available. As a temporary workaround, avoid using the `RunScript` function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Delta Electronics InfraSuite Device Master version 1.0.7 **Description** The issue is related to the deserialization of untrusted data, which can lead to remote code execution. An unauthenticated attacker can exploit this to execute code with local administrator privileges. This can potentially allow a remote attacker to gain elevated access to the system. **Recommendations** For Delta Electronics InfraSuite Device Master version 1.0.7, consider restricting access to the Device-DataCollect and Device-Gateway components until a patch is available. As a temporary workaround, disabling the deserialization of untrusted data may help mitigate the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Delta Electronics InfraSuite Device Master version 1.0.7 **Description** A vulnerability exists in Delta Electronics InfraSuite Device Master that allows an unauthenticated attacker to disclose user information through a single UDP packet, obtain plaintext credentials, or perform NTLM relaying. The issue is related to incorrect restriction of the directory path name, which can be exploited by a remote attacker. **Recommendations** For version 1.0.7, consider restricting access to the vulnerable component until a patch is available. As a temporary workaround, avoid using the affected functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Delta Electronics InfraSuite Device Master version 1.0.7 **Description** A vulnerability exists in Delta Electronics InfraSuite Device Master that allows an attacker to write to any file in any location of the filesystem, potentially leading to remote code execution. This issue arises due to incorrect restriction of the directory path name with limited access. The exploitation of this vulnerability could enable a remote attacker to execute arbitrary code. **Recommendations** For version 1.0.7, update to a newer version that contains a fix for this issue, as the current version allows for directory traversal and remote code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Zoho ManageEngine RecoveryManager Plus versions prior to 6070 **Description** The issue allows admin users to execute arbitrary commands via proxy settings. This is due to a failure to neutralize special elements, which can be exploited by a remote attacker to execute arbitrary commands. **Recommendations** For versions prior to 6070, update to version 6070 or later to resolve the issue. As a temporary workaround, consider restricting access to the proxy settings to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Parse Server versions prior to 5.5.2 and 6.2.1 **Description** The issue allows an attacker to use a prototype pollution sink to trigger a remote code execution through the MongoDB BSON parser. This can be exploited in Parse Server, an open source backend that can be deployed to any infrastructure that can run Node.js. **Recommendations** For versions prior to 5.5.2, update to version 5.5.2 to resolve the issue. For versions prior to 6.2.1, update to version 6.2.1 to resolve the issue. As a temporary workaround, consider disabling remote code execution through the MongoDB BSON parser until a patch is available.