Junsu Yeo

**Name of the Vulnerable Software and Affected Versions** Muhammad Rehman Remove Duplicate Posts versions 1.3.5 and earlier **Description** The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. **Recommendations** For Muhammad Rehman Remove Duplicate Posts versions 1.3.5 and earlier, update to a version later than 1.3.5 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** CYAN Backup versions n/a through 2.5.3 **Description** The issue is related to a Path Traversal vulnerability, specifically a '.../...//' vulnerability, which affects CYAN Backup. This allows for Path Traversal. **Recommendations** For CYAN Backup versions n/a through 2.5.3, update to a version later than 2.5.3 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Zippy versions 1.6.1 and earlier **Description** The issue is related to the exposure of sensitive information to an unauthorized actor. This is a problem where sensitive data is made available to individuals who should not have access to it. **Recommendations** For versions 1.6.1 and earlier, update to a version later than 1.6.1 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin versions 1.0.6 and earlier **Description** The issue is related to a Cross-Site Request Forgery (CSRF) that leads to a Stored Cross-Site Scripting (XSS) vulnerability. This allows an attacker to perform unauthorized actions on the site. **Recommendations** For realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin versions 1.0.6 and earlier, update to a version later than 1.0.6 to resolve the issue.