Ibuki Sato

**Name of the Vulnerable Software and Affected Versions** Simple Image Sizes versions 3.2.3 and earlier **Description** A cross-site scripting issue exists, allowing an arbitrary script to be executed on the web browser of a user with administrative privileges who accesses the settings screen. This can occur when the vulnerability is exploited. **Recommendations** For versions 3.2.3 and earlier, update to a version later than 3.2.3 to resolve the issue. As a temporary workaround, consider restricting access to the settings screen for users with administrative privileges until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 143 Firefox ESR versions prior to 140.3 Thunderbird versions prior to 143 Thunderbird versions prior to 140.3 **Description** The software contains a flaw. **Recommendations** Update Firefox to version 143 or later. Update Firefox ESR to version 140.3 or later. Update Thunderbird to version 143 or later. Update Thunderbird to version 140.3 or later.

**Name of the Vulnerable Software and Affected Versions** WP Admin UI Customize versions prior to 1.5.14 **Description** A cross-site scripting issue exists, allowing an arbitrary script to be executed on the web browser of other users who access the admin screen, if a malicious admin user customizes the admin screen with malicious content. **Recommendations** For WP Admin UI Customize versions prior to 1.5.14, update to version 1.5.14 or later to resolve the issue. As a temporary workaround, consider restricting access to the admin screen customization feature to trusted users only, until the update can be applied.