Pavitra Tiwari

**Name of the Vulnerable Software and Affected Versions** Regpack plugin versions 0.1 and earlier **Description** The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin+ privileges. **Recommendations** For Regpack plugin versions 0.1 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Abel Ruiz GuruWalk Affiliates plugin versions 1.0.0 and earlier **Description** The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that affects authenticated administrators. This type of vulnerability allows an attacker to inject malicious scripts into the application, which can then be executed by other users, potentially leading to unauthorized actions or data theft. **Recommendations** For versions 1.0.0 and earlier, update to a version that contains a fix for this issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MrDemonWolf Livestream Notice plugin versions 1.2.0 and earlier **Description** The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin+ privileges. This vulnerability affects the MrDemonWolf Livestream Notice plugin. **Recommendations** For MrDemonWolf Livestream Notice plugin versions 1.2.0 and earlier, update to a version later than 1.2.0 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** nuajik plugin versions prior to 0.1.0 **Description** The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin+ privileges. **Recommendations** For nuajik plugin versions prior to 0.1.0, update to a version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Pradeep Singh Dynamically Register Sidebars plugin versions 1.0.1 and earlier **Description** The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin+ privileges. **Recommendations** For Pradeep Singh Dynamically Register Sidebars plugin versions 1.0.1 and earlier, update to a version later than 1.0.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iControlWP Article Directory Redux plugin versions 1.0.2 and earlier **Description** The issue is related to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability. This means that an attacker with admin access can inject malicious scripts into the application, potentially leading to unauthorized actions. **Recommendations** For versions 1.0.2 and earlier, update to a version later than 1.0.2 to resolve the issue. As a temporary workaround, consider restricting access to the plugin's administrative interface to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Decon Digital Decon WP SMS plugin versions prior to 1.2 **Description** The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin+ privileges. **Recommendations** For Decon Digital Decon WP SMS plugin versions prior to 1.2, update to version 1.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** NsThemes NS Coupon To Become Customer plugin versions prior to 1.2.3 **Description** The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin+ privileges. **Recommendations** For versions prior to 1.2.3, update to version 1.2.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** NTZApps CRM Memberships plugin versions prior to 1.7 **Description** The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin+ privileges. **Recommendations** For versions prior to 1.7, update to a version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Cyberus Key plugin versions prior to 1.1 **Description** The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin or higher privileges. **Recommendations** For versions prior to 1.1, update to version 1.1 or later to resolve the issue.