**Name of the Vulnerable Software and Affected Versions** CC Child Pages versions prior to 2.1.2 **Description** The CC Child Pages plugin for WordPress contains a Stored Cross-Site Scripting issue caused by insufficient input sanitization and output escaping. Authenticated attackers with Contributor-level access or higher can inject arbitrary web scripts through the `more` parameter. These scripts execute whenever a user visits the affected page. **Recommendations** Update the plugin to version 2.1.2 or later. As a temporary workaround, restrict access to the `more` parameter for users with Contributor-level permissions.

**Name of the Vulnerable Software and Affected Versions** Meta Field Block versions prior to 1.5.3 **Description** The Meta Field Block plugin for WordPress contains a Stored Cross-Site Scripting issue caused by insufficient input sanitization and output escaping. Authenticated attackers with contributor-level access or higher can inject arbitrary web scripts through the `tagName` block attribute. These scripts execute whenever a user visits the affected page. **Recommendations** Update to a version later than 1.5.2. As a temporary workaround, restrict access to the `tagName` block attribute for users with contributor-level permissions.

**Name of the Vulnerable Software and Affected Versions** SliceWP Affiliates versions prior to 1.2.8 **Description** The SliceWP Affiliates plugin for WordPress contains a stored cross-site scripting issue. Authenticated attackers with contributor-level access or higher can inject arbitrary web scripts into pages. This occurs because of insufficient input sanitization and output escaping of user-supplied attributes within the 'slicewp affiliate url' shortcode. These scripts execute whenever a user visits the affected page. **Recommendations** Update the plugin to a version later than 1.2.7. As a temporary workaround, restrict the use of the 'slicewp affiliate url' shortcode to trusted users with higher privilege levels.

**Name of the Vulnerable Software and Affected Versions** Code Embed plugin for WordPress versions prior to 2.5.2 **Description** The Code Embed plugin for WordPress is susceptible to Stored Cross-Site Scripting through custom field meta values. The plugin’s sanitization function, `sec check post fields()`, operates only on the `save post` hook. However, WordPress permits the addition of custom fields via the `/wp ajax add meta` API endpoint without triggering this hook. Consequently, the `ce filter()` function outputs these unsanitized meta values directly into page content without proper escaping. This allows authenticated attackers with Contributor-level access or higher to inject arbitrary web scripts into pages, which will then execute when a user accesses the affected page. **Recommendations** Update the Code Embed plugin to version 2.5.2 or later.

**Name of the Vulnerable Software and Affected Versions** NextScripts: Social Networks Auto-Poster plugin for WordPress versions through 4.4.6 **Description** The NextScripts: Social Networks Auto-Poster plugin for WordPress is susceptible to Stored Cross-Site Scripting through the `[nxs fbembed]` shortcode. This is caused by inadequate input sanitization and output escaping on the `snapFB` post meta value. Authenticated attackers with Contributor-level access or higher can inject arbitrary web scripts into pages. These scripts will execute when a user accesses the injected page. **Recommendations** Update NextScripts: Social Networks Auto-Poster plugin for WordPress to a version later than 4.4.6.

**Name of the Vulnerable Software and Affected Versions** NextScripts versions through 4.4.7 **Description** The software contains a flaw due to deserialization of untrusted data, which allows for object injection. **Recommendations** Update NextScripts to a version later than 4.4.7.

**Name of the Vulnerable Software and Affected Versions** blubrry PowerPress Podcasting versions through 11.15.10 **Description** The software contains a flaw due to deserialization of untrusted data, which allows for object injection. This issue impacts PowerPress Podcasting. **Recommendations** Update PowerPress Podcasting to a version later than 11.15.10.

**Name of the Vulnerable Software and Affected Versions** Simple Download Monitor plugin for WordPress versions prior to 4.0.6 **Description** The Simple Download Monitor plugin for WordPress is susceptible to Stored Cross-Site Scripting through a custom field. Insufficient input sanitization and output escaping allow authenticated attackers with Contributor-level access or higher to inject arbitrary web scripts into pages. These scripts will execute when a user accesses the injected page. **Recommendations** Update the Simple Download Monitor plugin to version 4.0.6 or later.

**Name of the Vulnerable Software and Affected Versions** Livemesh Addons for Beaver Builder versions up to and including 3.9.2 **Description** The Livemesh Addons for Beaver Builder plugin for WordPress contains a Stored Cross-Site Scripting issue. The issue is due to insufficient input sanitization and output escaping in the `[labb pricing item]` shortcode’s `title` and `value` attributes. The plugin uses `htmlspecialchars decode()` after `wp kses post()`, which re-encodes HTML entities into executable code after sanitization. This allows authenticated attackers with Contributor-level access or higher to inject malicious web scripts into pages. These scripts will then execute when a user accesses the compromised page. **Recommendations** Update Livemesh Addons for Beaver Builder to a version beyond 3.9.2.

**Name of the Vulnerable Software and Affected Versions** WP Responsive Images plugin for WordPress versions prior to 1.1 **Description** The WP Responsive Images plugin for WordPress is susceptible to a Path Traversal issue in versions up to and including 1.0. This allows unauthenticated attackers to read arbitrary files on the server, potentially exposing sensitive information, through manipulation of the `src` parameter. **Recommendations** Update the WP Responsive Images plugin to version 1.1 or later.

**Name of the Vulnerable Software and Affected Versions** A WP Life Slider Responsive Slideshow – Image slider, Gallery slideshow versions through 1.5.4 **Description** The software contains a flaw related to the deserialization of untrusted data, which allows for object injection. This issue impacts Slider Responsive Slideshow – Image slider, Gallery slideshow. **Recommendations** Update A WP Life Slider Responsive Slideshow – Image slider, Gallery slideshow to a version later than 1.5.4.

**Name of the Vulnerable Software and Affected Versions** A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery versions through 1.6.0 **Description** The software contains a flaw related to the deserialization of untrusted data, specifically allowing for object injection. This issue is present in the ‘new-image-gallery’ component. **Recommendations** Update A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery to a version later than 1.6.0.

**Name of the Vulnerable Software and Affected Versions** Dotstore Woocommerce Category Banner Management versions through 2.5.1 **Description** The software contains a flaw due to deserialization of untrusted data, which allows for object injection. This issue is present in the Woocommerce Category Banner Management banner-management-for-woocommerce component. **Recommendations** Update Woocommerce Category Banner Management to a version later than 2.5.1.

**Name of the Vulnerable Software and Affected Versions** Quiz Maker plugin for WordPress versions up to and including 6.7.1.7 **Description** The Quiz Maker plugin for WordPress is susceptible to Stored Cross-Site Scripting due to inadequate input sanitization and output escaping on user-supplied attributes within the `vc quizmaker` shortcode. This allows authenticated attackers with contributor-level access or higher to inject arbitrary web scripts into pages. These scripts will execute whenever a user accesses the compromised page. This issue requires WPBakery Page Builder to be installed and active. **Recommendations** Versions prior to 6.7.1.7 should be updated.

**Name of the Vulnerable Software and Affected Versions** XO Event Calendar plugin for WordPress versions prior to 3.2.11 **Description** The software is susceptible to Stored Cross-Site Scripting through the 'xo event field' shortcode. Insufficient input sanitization and output escaping on user-supplied attributes allows authenticated attackers with contributor-level access or higher to inject arbitrary web scripts into pages. These scripts will execute when a user accesses the injected page. **Recommendations** Update to version 3.2.11 or later.

**Name of the Vulnerable Software and Affected Versions** Groups plugin for WordPress versions prior to 3.10.1 **Description** The Groups plugin for WordPress is susceptible to Stored Cross-Site Scripting through the 'groups group info' shortcode. This is due to inadequate input sanitization and output escaping of user-provided attributes. Authenticated attackers with contributor-level access or higher can inject malicious web scripts into pages. These scripts will execute when a user accesses the compromised page. **Recommendations** Update the Groups plugin to version 3.10.1 or later.

**Name of the Vulnerable Software and Affected Versions** InteractiveCalculator for WordPress plugin versions up to and including 1.0.3 **Description** The InteractiveCalculator for WordPress plugin is susceptible to Stored Cross-Site Scripting through the 'interactivecalculator' shortcode. Insufficient input sanitization and output escaping on user-supplied attributes allow authenticated attackers with contributor-level access or higher to inject arbitrary web scripts into pages. These scripts will execute when a user accesses the injected page. **Recommendations** Update the InteractiveCalculator for WordPress plugin to a version newer than 1.0.3.

**Name of the Vulnerable Software and Affected Versions** WP Data Access plugin for WordPress versions prior to 5.5.64 **Description** The WP Data Access plugin for WordPress is susceptible to Stored Cross-Site Scripting through the 'wpda app' shortcode. This is due to inadequate input sanitization and output escaping of user-provided attributes. Authenticated attackers with contributor-level access or higher can inject malicious web scripts into pages. These scripts will execute when a user accesses the compromised page. **Recommendations** Update the WP Data Access plugin to version 5.5.64 or later.

**Name of the Vulnerable Software and Affected Versions** MasterStudy LMS WordPress Plugin versions through 3.7.11 **Description** The MasterStudy LMS WordPress Plugin is susceptible to Stored Cross-Site Scripting. This is due to inadequate input sanitization and output escaping on user-supplied attributes within the 'stm lms courses grid display' shortcode. Authenticated attackers with contributor-level access or higher can inject malicious web scripts into pages. These scripts will then execute whenever a user accesses the compromised page. **Recommendations** Update the MasterStudy LMS WordPress Plugin to a version later than 3.7.11.

**Name of the Vulnerable Software and Affected Versions** Ravelry Designs Widget plugin for WordPress versions up to and including 1.0.0 **Description** The Ravelry Designs Widget plugin for WordPress is susceptible to Stored Cross-Site Scripting through the `layout` attribute of the `sb ravelry designs` shortcode. Insufficient input sanitization and output escaping of user-supplied attributes allow authenticated attackers with contributor-level access or higher to inject arbitrary web scripts into pages. These scripts will execute when a user accesses the affected page. **Recommendations** Update the Ravelry Designs Widget plugin to a version beyond 1.0.0.