Sajjad Ahmad

**Name of the Vulnerable Software and Affected Versions** Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress versions up to and including 3.3.2 **Description** The issue is related to Stored Cross-Site Scripting via the `Title` value due to insufficient input sanitization and output escaping. This allows authenticated attackers with administrator-level access to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The issue affects multi-site installations and installations where `unfiltered html` has been disabled. **Recommendations** For versions up to and including 3.3.2, update to a version later than 3.3.2 to resolve the issue. As a temporary workaround, consider restricting access to the `Title` value input field to minimize the risk of exploitation. Restrict access to pages that may contain injected scripts to prevent execution.

**Name of the Vulnerable Software and Affected Versions** Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress versions up to 3.3.2 **Description** The issue allows authenticated attackers with Administrator-level access and above to read the contents of arbitrary files on the server via the file download functionality. This can potentially expose sensitive information. **Recommendations** For versions up to 3.3.2, update to a version higher than 3.3.2 to resolve the issue. As a temporary workaround, consider restricting access to the file download functionality until a patch is available.

Name of the Vulnerable Software and Affected Versions: Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More plugin for WordPress versions 1.1.2 and earlier Description: The issue is related to a missing capability check on the `update api key` function, allowing authenticated attackers with Subscriber-level access and above to update API Key options. This makes it possible for attackers to modify data without proper authorization. Recommendations: For versions 1.1.2 and earlier, update the plugin immediately to patch the flaw. As a temporary workaround, consider restricting access to the `update api key` function until a patch is available.

Name of the Vulnerable Software and Affected Versions: Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More plugin for WordPress versions up to, and including, 1.1.2 Description: The issue is due to missing or incorrect nonce validation on the `update api key` function, making it possible for unauthenticated attackers to update an API key via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link. This allows attackers to perform unwanted actions on behalf of users. Recommendations: For versions up to, and including, 1.1.2, update to a patched version immediately to resolve the issue. Additionally, review logs for signs of exploit. As a temporary workaround, consider restricting access to the `update api key` function until a patch is available.