Sanjay Das

**Name of the Vulnerable Software and Affected Versions** AnyWhere Elementor WordPress plugin versions prior to 1.2.8 **Description** The issue allows an attacker to obtain a Freemius Secret Key, which could be used to purchase the pro subscription using test credit card numbers without actually paying the amount. The key in question has been revoked. **Recommendations** For versions prior to 1.2.8, update to version 1.2.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin's subscription functionality until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Elementor Website Builder WordPress plugin versions prior to 3.12.2 **Description** The issue arises from improper sanitization and escaping of the `Replace URL` parameter in the Tools module, which is used in a SQL statement. This leads to a SQL injection that can be exploited by users with the Administrator role. **Recommendations** For versions prior to 3.12.2, update to version 3.12.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the Tools module for users with the Administrator role until the update is applied.

**Name of the Vulnerable Software and Affected Versions** WPCode WordPress plugin versions prior to 2.0.7 **Description** The issue arises from inadequate privilege checks for several AJAX actions in the WPCode WordPress plugin, where only the nonce is checked. This may allow any authenticated user who can edit posts to call endpoints related to WPCode Library authentication, such as updating and deleting the auth key. **Recommendations** For versions prior to 2.0.7, update to version 2.0.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the WPCode Library authentication endpoints until the update is applied.

**Name of the Vulnerable Software and Affected Versions** WP All Export Pro versions prior to 1.7.9 **Description** The issue allows users with permission to run exports to execute arbitrary SQL statements due to the direct use of the `cc sql` POST parameter as a database query. This affects users who have been given permission to perform exports, which by default includes only users with the Administrator role, but can also include lower privileged users if such permissions are delegated. **Recommendations** For versions prior to 1.7.9, update to version 1.7.9 or later to resolve the issue. As a temporary workaround, consider restricting the permission to run exports to only the Administrator role until the update is applied.

**Name of the Vulnerable Software and Affected Versions** WP All Export Pro versions prior to 1.7.9 **Description** The issue allows any logged-in user with export privileges to execute arbitrary code on the site, despite the default restriction to administrators. This is because the plugin does not limit certain functionality during exports to users with the Administrator role. **Recommendations** For versions prior to 1.7.9, update to version 1.7.9 or later to resolve the issue. As a temporary workaround, consider removing export privileges from lower-privileged users until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Import all XML, CSV & TXT WordPress plugin versions prior to 6.5.8 **Description** The issue is related to the improper sanitization and escaping of imported data, which is then used in SQL statements. This leads to SQL injection, a type of attack where an attacker can execute malicious SQL code. The exploitation of this issue is possible by high-privilege users, such as administrators. **Recommendations** For versions prior to 6.5.8, update to version 6.5.8 or later to resolve the issue. As a temporary workaround, consider restricting the import functionality to minimize the risk of exploitation. Avoid using the import feature with untrusted data until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Drag and Drop Multiple File Upload WordPress plugin versions prior to 1.3.6.5 **Description** The issue arises from the plugin not properly checking the upload size limit set in forms. Instead, it takes the value from user input sent when submitting the form. This allows attackers to control the file length limit and bypass the limit set by administrators in the contact form. **Recommendations** For versions prior to 1.3.6.5, update to version 1.3.6.5 or later to resolve the issue. As a temporary workaround, consider restricting the upload size limit in the contact form settings to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Import all XML, CSV & TXT WordPress plugin versions prior to 6.5.8 **Description** The issue concerns a lack of authorization in certain areas of the plugin, potentially allowing any authenticated users to access specific features if they obtain the related nonce. **Recommendations** For versions prior to 6.5.8, update to version 6.5.8 or later to resolve the issue.