Nguyen Van

**Name of the Vulnerable Software and Affected Versions** Asset CleanUp: Page Speed Booster plugin versions <= 1.3.8.4 **Description** The issue is related to an Authenticated Reflected Cross-Site Scripting (XSS) vulnerability. This type of vulnerability allows an attacker to inject malicious scripts into a website, potentially leading to unauthorized actions. The vulnerability requires authentication with admin or higher privileges, indicating it needs access to sensitive areas of the website. **Recommendations** For Asset CleanUp: Page Speed Booster plugin versions <= 1.3.8.4, update to a version higher than 1.3.8.4 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Phil Baker's Age Gate plugin versions prior to 2.18.0 **Description** The issue is related to an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability. This means that an attacker can inject malicious scripts into the website without needing authentication, and these scripts will be stored and executed when other users access the site. **Recommendations** For versions prior to 2.18.0, update to version 2.18.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** WP Google Map WordPress plugin versions <= 1.8.0 **Description** The issue allows authenticated low-role users to create, edit, and delete maps. **Recommendations** For WP Google Map WordPress plugin versions <= 1.8.0, update to a version greater than 1.8.0 to resolve the issue.