Sajjad Haqi

**Name of the Vulnerable Software and Affected Versions** weDevs WP User Frontend versions prior to 4.3.2 **Description** A missing authorization issue exists due to incorrectly configured access control security levels. **Recommendations** Update to a version newer than 4.3.1.

Name of the Vulnerable Software and Affected Versions David Lingren Media Library Assistant versions through 3.34 Description A SQL Injection issue exists in David Lingren Media Library Assistant due to improper neutralization of special elements used in an SQL command. This allows attackers to exploit the system. Recommendations Update to version 3.35.

Name of the Vulnerable Software and Affected Versions David Lingren Media LIbrary Assistant versions through 3.34 Description A stored cross-site scripting (XSS) issue exists in David Lingren Media LIbrary Assistant. This allows for the injection of malicious scripts through improper input neutralization during web page generation. Recommendations Update to a version later than 3.34