Movrment

**Name of the Vulnerable Software and Affected Versions** PostX – Gutenberg Blocks for Post Grid versions 3.2.3 and earlier **Description** The issue is related to a Missing Authorization vulnerability in Post Grid Team by WPXPO. This vulnerability affects PostX – Gutenberg Blocks for Post Grid. **Recommendations** For versions 3.2.3 and earlier, update to a version later than 3.2.3 to resolve the issue. At the moment, there is no information about additional mitigation measures.

**Name of the Vulnerable Software and Affected Versions** AlgolPlus Advanced Order Export For WooCommerce versions 3.4.4 and earlier **Description** The issue is related to improper control of code generation, allowing code injection. This can potentially lead to unauthorized access or execution of malicious code. **Recommendations** For versions 3.4.4 and earlier, update to a version that contains a fix for this issue, if available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Download Monitor versions through 4.9.4 **Description** The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation by injecting malicious SQL code. **Recommendations** For versions through 4.9.4, update to a version later than 4.9.4 to resolve the issue. As a temporary workaround, consider restricting access to sensitive database operations until a patch is available. Avoid using user-supplied input in SQL commands without proper sanitization to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Telerik UI for ASP.NET AJAX versions (all versions of RadChart) **Description** The issue allows a remote attacker to read and delete specific image files on the server through a specially crafted request, exploiting path traversal in RadChart. The affected image extensions include .BMP, .EXIF, .GIF, .ICON, .JPEG, .PNG, .TIFF, and .WMF. **Recommendations** To resolve the issue, remove RadChart's HTTP handler from the web.config file, specifically the type Telerik.Web.UI.ChartHttpHandler.