Neginnrb

**Name of the Vulnerable Software and Affected Versions** Michael Koch Mendeley Plugin plugin versions 1.3.2 and earlier **Description** The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin+ privileges. **Recommendations** For versions 1.3.2 and earlier, update to a version later than 1.3.2 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** GrandSlambert Login Configurator plugin versions <= 2.1 **Description** The issue is related to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability. This means that an attacker with admin privileges can inject malicious scripts into the application, which can then be executed by other users. **Recommendations** For GrandSlambert Login Configurator plugin versions <= 2.1, update to a version greater than 2.1 to resolve the issue. At the moment, there is no information about other specific mitigation measures for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WePupil Quiz Expert plugin versions <= 1.5.0 **Description** The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application that the user is authenticated to. **Recommendations** For WePupil Quiz Expert plugin versions <= 1.5.0, update to a version greater than 1.5.0 to resolve the issue. At the moment, there is no information about additional mitigation measures.

**Name of the Vulnerable Software and Affected Versions** Hiroaki Miyashita Custom Field Template plugin versions <= 2.5.8 **Description** The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application that the user is authenticated to. **Recommendations** For Hiroaki Miyashita Custom Field Template plugin versions <= 2.5.8, update to a version higher than 2.5.8 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** MagePeople Team Booking and Rental Manager for Bike plugin versions 1.2.1 and earlier **Description** The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin+ privileges. **Recommendations** For versions 1.2.1 and earlier, update to a version later than 1.2.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** FixBD Educare plugin versions <= 1.4.1 **Description** The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application that the user is authenticated to. **Recommendations** For FixBD Educare plugin versions <= 1.4.1, update to a version higher than 1.4.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Jeroen Peters Name Directory plugin versions 1.27.1 and earlier **Description** The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application that the user is authenticated to. **Recommendations** For versions 1.27.1 and earlier, update to a version later than 1.27.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Rafael Dery Superior FAQ plugin versions <= 1.0.2 **Description** The issue is a Cross-Site Request Forgery (CSRF) vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the user is authenticated to. **Recommendations** For versions <= 1.0.2, update to a version greater than 1.0.2 to resolve the issue. As a temporary workaround, consider implementing CSRF token validation to prevent unauthorized requests. Restrict access to sensitive operations to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Aarvanshinfotech Online Exam Software: eExamhall plugin versions <= 4.0 **Description** The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This means an attacker could potentially trick a user into performing unintended actions on the web application. **Recommendations** For versions <= 4.0, update to a version higher than 4.0 to resolve the issue.