Mattia Brollo

**Name of the Vulnerable Software and Affected Versions** Profile Builder Pro versions prior to 3.14.6 **Description** The Profile Builder Pro plugin for WordPress is susceptible to PHP Object Injection. This occurs because the `wppb request users pins action callback()` AJAX handler uses the `maybe unserialize()` function on the `args` POST parameter without implementing nonce verification, type checking, or input validation. Since the handler is registered with both `wp ajax ` and `wp ajax nopriv ` hooks, unauthenticated attackers can inject arbitrary PHP objects into the application memory. **Recommendations** Update the plugin to a version later than 3.14.5. As a temporary workaround, restrict access to the `wppb request users pins action callback()` function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Prevent Direct Access – Protect WordPress Files plugin versions 2.8.6 through 2.8.8.2 **Description** The issue allows unauthorized access and modification of data due to a misconfigured capability check on the `pda lite custom permission check` function. This makes it possible for authenticated attackers, with Contributor-level access and above, to access and change the protection status of media. **Recommendations** For versions 2.8.6 through 2.8.8.2, consider disabling the `pda lite custom permission check` function until a patch is available to prevent unauthorized access and modification of data. At the moment, there is no information about a newer version that contains a fix for this vulnerability.