Rahul Selvakumar

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** Cross-site Scripting (XSS) is a client-side code injection attack. The attacker aims to execute malicious scripts in a web browser of the victim by including malicious code in a legitimate web page or web application. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Retain Live Chat WordPress plugin version 0.1 **Description** The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example, in a multisite setup. This is due to the plugin not sanitizing and escaping some of its settings. **Recommendations** For Retain Live Chat WordPress plugin version 0.1, update to a version that properly sanitizes and escapes its settings to prevent Stored Cross-Site Scripting attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WP Humans.txt WordPress plugin versions 1.0.0 through 1.0.6 **Description** The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html capability is disallowed, for example, in a multisite setup. **Recommendations** For WP Humans.txt WordPress plugin versions 1.0.0 through 1.0.6, update to a version that properly sanitizes and escapes its settings to prevent Stored Cross-Site Scripting attacks.

**Name of the Vulnerable Software and Affected Versions** The Very Simple Breadcrumb WordPress plugin through 1.0 **Description** The issue allows high privilege users, such as admins, to perform Cross-Site Scripting attacks due to the lack of sanitization and escaping of its settings. This is possible even when the unfiltered html capability is disallowed. **Recommendations** For The Very Simple Breadcrumb WordPress plugin through 1.0, update to a version that properly sanitizes and escapes its settings to prevent Cross-Site Scripting attacks. As a temporary workaround, consider restricting administrative access to trusted users only until a patch is available.