Park Hyun Woo

**Name of the Vulnerable Software and Affected Versions** WP Engine Faust.Js versions prior to 1.8.8 **Description** An authentication bypass exists in WP Engine Faust.Js through the use of an alternate path or channel, which allows for the exploitation of the password recovery process. **Recommendations** Update to version 1.8.8 or later.

**Name of the Vulnerable Software and Affected Versions** SePay Gateway versions prior to 1.1.21 **Description** A missing authorization issue in the SePay Gateway allows for the retrieval of embedded sensitive data. **Recommendations** Update to a version later than 1.1.20.