Nicolas Vidal

**Name of the Vulnerable Software and Affected Versions** Website File Changes Monitor WordPress plugin versions prior to 1.8.3 **Description** The issue arises from the plugin's failure to sanitise and escape user input before using it in a SQL statement. This occurs via an action available to users with the manage options capability, which by default includes admins. The lack of proper input sanitisation and escaping leads to an SQL injection. **Recommendations** For versions prior to 1.8.3, update to version 1.8.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the action that allows user input to be used in SQL statements, or disabling the manage options capability for non-admin users until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** The Plus Addons for Elementor - Pro WordPress plugin versions prior to 5.0.7 **Description** The issue concerns the lack of validation for the `qvquery` parameter in the `tp get dl post info ajax` AJAX action. This could potentially allow unauthenticated users to access sensitive information, including private and draft posts. **Recommendations** For versions prior to 5.0.7, update to version 5.0.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the `tp get dl post info ajax` AJAX action to prevent unauthenticated users from exploiting the lack of validation for the `qvquery` parameter.

**Name of the Vulnerable Software and Affected Versions** The Plus Addons for Elementor - Pro WordPress plugin versions prior to 5.0.7 **Description** The issue arises from the "WP Search Filters" widget not sanitizing and escaping the `option` parameter before using it in a SQL statement, which could lead to SQL injection. **Recommendations** For versions prior to 5.0.7, update to version 5.0.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the "WP Search Filters" widget until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** The Plus Addons for Elementor Page Builder WordPress plugin versions prior to 4.1.10 **Description** The issue is related to an Open Redirect problem. It occurs when a redirect parameter on a specifically crafted URL is not validated before redirecting the user to it. **Recommendations** For versions prior to 4.1.10, update to version 4.1.10 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** The Plus Addons for Elementor Page Builder WordPress plugin versions prior to 4.1.11 **Description** The issue allows an attacker to send an arbitrary reset password email to a registered user on behalf of the WordPress site, as the plugin did not properly check that a user requesting a password reset was the legitimate user. This could potentially lead to an account takeover when chained with another issue. **Recommendations** For versions prior to 4.1.11, update to version 4.1.11 or later to resolve the issue. As a temporary workaround, consider restricting password reset functionality until the update is applied.