Nguyen Duy Quoc Khanh

**Name of the Vulnerable Software and Affected Versions** Plugin (affected versions not specified) **Description** The issue arises from the plugin's failure to filter the `delete entries` parameter from user requests, leading to an SQL Injection vulnerability. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** The Analyticator WordPress plugin versions prior to 6.5.6 **Description** The issue allows high privilege users, such as admins, to perform PHP Object Injection when a suitable gadget is present. This is due to the plugin unserializing user input provided via the settings. **Recommendations** For versions prior to 6.5.6, update to version 6.5.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the settings page to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** WPtouch WordPress plugin versions prior to 4.3.45 **Description** The issue allows high privilege users, such as admins, to upload arbitrary files on the server, even when they should not be allowed to, for example in a multisite setup. This is due to the plugin not properly validating images to be uploaded. **Recommendations** For versions prior to 4.3.45, update to version 4.3.45 or later to resolve the issue. As a temporary workaround, consider restricting the upload capabilities of high privilege users to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** WP Custom Admin Interface WordPress plugin versions prior to 7.29 **Description** The issue allows high privilege users, such as admins, to perform PHP Object Injection when a suitable gadget is present. This is due to the plugin unserializing user input provided via the settings. **Recommendations** For WP Custom Admin Interface WordPress plugin versions prior to 7.29, update to version 7.29 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** WPtouch WordPress plugin versions prior to 4.3.45 **Description** The issue arises from the unserialization of the content of an imported settings file, which could lead to PHP object injections issues when a user imports a malicious settings file and a suitable gadget chain is present on the blog. This could potentially occur intentionally or unintentionally. **Recommendations** For versions prior to 4.3.45, update to version 4.3.45 or later to resolve the issue. As a temporary workaround, consider restricting the import of settings files to trusted sources until a patch is applied. Avoid using the plugin's settings import feature with untrusted files.

**Name of the Vulnerable Software and Affected Versions** White Label CMS WordPress plugin versions prior to 2.5 **Description** The issue allows high-privilege users, such as admins, to perform PHP Object Injection when a suitable gadget is present. This is due to the plugin unserializing user input provided via the settings. **Recommendations** For versions prior to 2.5, update to version 2.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the settings page to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Shortcodes and extra features for Phlox theme WordPress plugin versions prior to 2.10.7 **Description** The issue arises from the unserialize of the content of an imported file, which could lead to PHP object injection when a user imports a malicious file and a suitable gadget chain is present on the blog. This occurs when a user, intentionally or not, imports a malicious file. **Recommendations** For versions prior to 2.10.7, update to version 2.10.7 or later to resolve the issue. As a temporary workaround, consider restricting the import functionality to trusted users or files until the update is applied. Avoid using the import feature with untrusted files until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** The Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button WordPress plugin versions prior to 3.0.3 **Description** The issue arises from the plugin's failure to properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection. This can be exploited by users with a role as low as admin. **Recommendations** For versions prior to 3.0.3, update to version 3.0.3 or later to resolve the issue. As a temporary workaround, consider restricting admin access to trusted users until the update is applied.

**Name of the Vulnerable Software and Affected Versions** The Checkout Field Editor (Checkout Manager) for WooCommerce WordPress plugin versions prior to 1.8.0 **Description** The issue allows high privilege users, such as admins, to perform PHP Object Injection when a suitable gadget is present. This is due to the plugin unserializing user input provided via the settings. **Recommendations** For versions prior to 1.8.0, update to version 1.8.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the settings page to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** HTML Forms WordPress plugin versions prior to 1.3.25 **Description** The issue is related to a SQL injection that occurs because a parameter is not properly escaped before being used in a SQL statement. This can be exploited by high privilege users. **Recommendations** For versions prior to 1.3.25, update to version 1.3.25 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin's functionality to minimize the risk of exploitation by high privilege users.

**Name of the Vulnerable Software and Affected Versions** Customizer Export/Import WordPress plugin versions prior to 0.9.5 **Description** The issue arises from the plugin unserializing the content of an imported file, potentially leading to PHP object injection issues when a malicious file is imported by an admin, and a suitable gadget chain is present on the blog. **Recommendations** For versions prior to 0.9.5, update to version 0.9.5 or later to resolve the issue. As a temporary workaround, consider restricting the import functionality to trusted sources until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Easy WP SMTP WordPress plugin versions prior to 1.5.0 **Description** The issue arises from the unserialization of the content of an imported file, potentially leading to a PHP object injection issue. This can occur when an admin imports a malicious file, and a suitable gadget chain is present on the blog. **Recommendations** For versions prior to 1.5.0, update to version 1.5.0 or later to resolve the issue. As a temporary workaround, consider restricting the import functionality to trusted files and sources until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Ocean Extra WordPress plugin versions prior to 2.0.5 **Description** The issue arises from the unserialization of the content of an imported file, potentially leading to PHP object injections when a high-privilege user imports a malicious Customizer Styling file and a suitable gadget chain is present on the blog. **Recommendations** For Ocean Extra WordPress plugin versions prior to 2.0.5, update to version 2.0.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** LearnPress WordPress plugin versions prior to 4.1.7.2 **Description** The issue arises from the unserialization of user input in a REST API endpoint, which is accessible to unauthenticated users. This could lead to PHP Object Injection when a suitable gadget is present, resulting in remote code execution (RCE). To exploit this, attackers must have knowledge of the site secrets, enabling them to generate a valid hash via the `wp hash()` function. **Recommendations** For versions prior to 4.1.7.2, update to version 4.1.7.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the REST API endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Smart Slider 3 versions prior to 3.5.1.11 **Description** The issue arises from the unserialization of the content of an imported file, potentially leading to PHP object injection issues if a malicious file is imported and a suitable gadget chain is present on the site. **Recommendations** For versions prior to 3.5.1.11, update to version 3.5.1.11 or later to resolve the issue. As a temporary workaround, consider restricting the import functionality to trusted users and files until the update is applied.

**Name of the Vulnerable Software and Affected Versions** The Form Maker by 10Web WordPress plugin versions prior to 1.15.6 **Description** The issue arises from improper sanitization and escaping of a parameter before its use in a SQL statement, resulting in a SQL injection that can be exploited by high-privilege users, such as administrators. **Recommendations** For versions prior to 1.15.6, update to version 1.15.6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Kadence WooCommerce Email Designer WordPress plugin versions prior to 1.5.7 **Description** The issue arises from the unserialization of the content of an imported file, potentially leading to PHP object injections when an admin imports a malicious file and a suitable gadget chain is present on the blog. This could occur intentionally or unintentionally. **Recommendations** For versions prior to 1.5.7, update to version 1.5.7 or later to resolve the issue. As a temporary workaround, consider restricting the import functionality to trusted sources until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Spam protection, AntiSpam, FireWall by CleanTalk WordPress plugin versions prior to 5.185.1 **Description** The issue concerns a lack of validation for ids used in SQL statements, potentially leading to SQL injection. This could be exploited by high-privilege users, such as admins. **Recommendations** For versions prior to 5.185.1, update to version 5.185.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin's SQL functionality to minimize the risk of exploitation.