Margaux Dabert

**Name of the Vulnerable Software and Affected Versions** WP Cerber Security plugin for WordPress versions up to, and including 9.0 **Description** The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass, making user enumeration possible. This is due to improper validation on the value supplied through the `author` parameter found in the ~/cerber-load.php file. In vulnerable versions, the plugin only blocks requests if the value supplied is numeric, making it possible for attackers to supply additional non-numeric characters to bypass the protection. The non-numeric characters are stripped and the user requested is displayed. This can be used by unauthenticated attackers to gather information about users that can be targeted in further attacks. **Recommendations** For WP Cerber Security plugin for WordPress versions up to, and including 9.0, update to a version that includes the fix for this issue to prevent user enumeration. As a temporary workaround, consider restricting access to the ~/cerber-load.php file or modifying the validation logic for the `author` parameter to prevent bypassing the security protection.

Name of the Vulnerable Software and Affected Versions: FV Flowplayer Video Player WordPress plugin versions 7.5.0.727 through 7.5.2.727 Description: The issue allows attackers to inject arbitrary web scripts via the `player id` parameter found in the ~/view/stats.php file, enabling Reflected Cross-Site Scripting attacks. Recommendations: For versions 7.5.0.727 through 7.5.2.727, consider disabling access to the ~/view/stats.php file or restricting the use of the `player id` parameter until a patch is available.

Name of the Vulnerable Software and Affected Versions: WP Bannerize WordPress plugin versions 2.0.0 through 4.0.2 Description: The WP Bannerize WordPress plugin is vulnerable to authenticated SQL injection via the `id` parameter found in the ~/Classes/wpBannerizeAdmin.php file, which allows attackers to exfiltrate sensitive information from vulnerable sites. Recommendations: For versions 2.0.0 through 4.0.2, as a temporary workaround, consider restricting access to the ~/Classes/wpBannerizeAdmin.php file or disabling the use of the `id` parameter until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Stripe for WooCommerce WordPress plugin versions 3.0.0 through 3.3.9 Description: The issue is related to a missing capability check on the `save()` function found in the `~/includes/admin/class-wc-stripe-admin-user-edit.php` file. This allows attackers to configure their account to use other site users' unique STRIPE identifier and make purchases with their payment accounts. Recommendations: For versions 3.0.0 through 3.3.9, as a temporary workaround, consider disabling the `save()` function in the `class-wc-stripe-admin-user-edit.php` file until a patch is available. Restrict access to the `~/includes/admin/class-wc-stripe-admin-user-edit.php` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.