Miguel Xavier Penha Neto

**Name of the Vulnerable Software and Affected Versions** Cost Calculator Builder WordPress plugin versions prior to 3.2.43 **Description** The issue is related to a missing CSRF check in some AJAX actions of the Cost Calculator Builder WordPress plugin. This could allow attackers to make logged-in users perform unwanted actions via CSRF attacks. **Recommendations** For versions prior to 3.2.43, update to version 3.2.43 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable AJAX actions until a patch is available.

Name of the Vulnerable Software and Affected Versions: Safe SVG WordPress plugin versions prior to 2.2.6 Description: The issue arises because the sanitisation code in the Safe SVG WordPress plugin only runs for paths that call `wp handle upload`, but not for code that uses `wp handle sideload`, which is often used to upload attachments via raw POST data. This can lead to potential security risks, including cross-site scripting (XSS) attacks. Recommendations: For Safe SVG WordPress plugin versions prior to 2.2.6, upgrade to version 2.2.6 or later to mitigate the risks associated with this issue. As a temporary workaround, consider restricting the use of `wp handle sideload` until the plugin is updated.

Name of the Vulnerable Software and Affected Versions: Download Manager WordPress plugin versions prior to 3.3.00 Description: The issue is related to the Download Manager WordPress plugin, where some shortcode parameters are not properly sanitized, leading to cross-site scripting. Recommendations: For versions prior to 3.3.00, update to version 3.3.00 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mailchimp for WooCommerce WordPress plugin versions prior to 2.7.1 **Description** The issue allows any logged-in users, such as subscribers, to perform a POST request on behalf of the server to the internal network/LAN. The body of the request is also appended to the response, which can be used to scan the private network, for example. **Recommendations** For versions prior to 2.7.1, update to version 2.7.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the AJAX action to prevent unauthorized POST requests.

**Name of the Vulnerable Software and Affected Versions** Mailchimp for WooCommerce WordPress plugin versions prior to 2.7.2 **Description** The issue allows high privilege users to perform a POST request on behalf of the server to the internal network/LAN. The body of the request is also appended to the response, which can be used to scan the private network. **Recommendations** For Mailchimp for WooCommerce WordPress plugin versions prior to 2.7.2, update to version 2.7.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the AJAX action to minimize the risk of exploitation.