Mike Montoya

**Name of the Vulnerable Software and Affected Versions** Magazine3 Easy Table of Contents versions through 2.0.80 **Description** The software contains a Cross-Site Request Forgery (CSRF) flaw. This allows attackers to potentially perform actions on behalf of authenticated users. **Recommendations** Versions prior to 2.0.80 should be updated.

**Name of the Vulnerable Software and Affected Versions** Andy Fragen Embed PDF Viewer versions through 2.4.7 **Description** The software contains a Server-Side Request Forgery (SSRF) flaw. This allows for Server Side Request Forgery. The vulnerability exists due to insufficient input validation when processing requests. **Recommendations** Update to a version later than 2.4.7.