Martin Martin

**Name of the Vulnerable Software and Affected Versions** The Shared Files – Frontend File Upload Form & Secure File Sharing plugin for WordPress versions up to, and including, 1.7.48 **Description** The issue is related to Stored Cross-Site Scripting via html file uploads due to insufficient input sanitization and output escaping within the `sanitize file()` function. This allows unauthenticated attackers to bypass the plugin’s MIME-only checks and inject arbitrary web scripts in pages that will execute whenever a user accesses the html file. **Recommendations** For versions up to, and including, 1.7.48, update to a version that fixes the insufficient input sanitization and output escaping issue within the `sanitize file()` function. As a temporary workaround, consider disabling the file upload functionality until a patch is available. Restrict access to uploaded html files to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress versions up to, and including, 5.1.92 Description: The issue allows unauthenticated attackers to retrieve appointment details, such as customer names and email addresses, due to missing validation on a user-controlled key in the 'view booking summary in lightbox' endpoint. This enables attackers to access sensitive information without proper authorization. Recommendations: For versions up to, and including, 5.1.92, consider disabling the `view booking summary in lightbox` feature until a patch is available to prevent unauthorized access to appointment details. Restrict access to sensitive information by implementing proper validation on user-controlled keys to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.