Luxf0Z

**Name of the Vulnerable Software and Affected Versions** WP Job Portal versions 2.1.6 and earlier **Description** The issue is related to an Authorization Bypass Through User-Controlled Key vulnerability in WP Job Portal. **Recommendations** For WP Job Portal versions 2.1.6 and earlier, update to a version later than 2.1.6 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Hamid Alinia – idehweb versions 1.7.35 and earlier **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS in the Login with phone number feature. **Recommendations** For versions 1.7.35 and earlier, update to a version that fixes the Stored XSS issue in the Login with phone number feature. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** weDevs ReCaptcha Integration for WordPress versions 1.2.5 and earlier **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS), which allows Stored XSS. This means that an attacker can inject malicious scripts into the website, potentially leading to unauthorized access or data theft. **Recommendations** For weDevs ReCaptcha Integration for WordPress versions 1.2.5 and earlier, update to a version later than 1.2.5 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WP Job Portal versions n/a through 2.1.3 **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS attacks. **Recommendations** For WP Job Portal versions n/a through 2.1.3, update to a version later than 2.1.3 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** WP Job Portal versions n/a through 2.1.3 **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS attacks. **Recommendations** For versions n/a through 2.1.3, update to a version later than 2.1.3 to resolve the issue. As a temporary workaround, consider restricting user input to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Exeebit phpinfo() WP versions n/a through 5.0 **Description** The issue is related to the exposure of sensitive information to an unauthorized actor. This is a problem where sensitive data is made available to individuals who should not have access to it. **Recommendations** For versions n/a through 5.0, update to a version that fixes this issue, however, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to sensitive information to minimize the risk of exploitation.