Jakub Przepióra

**Name of the Vulnerable Software and Affected Versions** Stackposts Social Marketing Tool (affected versions not specified) **Description** The issue allows for a Cross-site Scripting (XSS) attack due to improper neutralization of input during web page generation. This can be exploited by submitting a payload in the `username` during registration, which can then be executed later in the application panel, potentially leading to unauthorized acquisition of information, such as cookies from a logged-in user. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Apaczka plugin for PrestaShop versions v1 through v4 **Description** The issue is related to improper access control in the Apaczka plugin for PrestaShop, allowing unauthorized information gathering from saved templates without the need for authentication. **Recommendations** For Apaczka plugin for PrestaShop versions v1 through v4, consider restricting access to saved templates until a proper fix is applied. As a temporary workaround, restrict access to the template saving functionality to minimize the risk of exploitation. Avoid using the Apaczka plugin for PrestaShop until the issue is resolved.