WordPress · Wordpress Photo Gallery · CVE-2015-1394
Name of the Vulnerable Software and Affected Versions:
WordPress Photo Gallery plugin versions prior to 1.2.11
Description:
Multiple cross-site scripting (XSS) issues allow remote authenticated users to inject arbitrary web script or HTML via request parameters to the plugin's `addImages` action on the "wp-admin/admin-ajax.php" endpoint. The affected parameters are `sort_by`, `sort_order`, `items_view`, `dir`, `clipboard_task`, `clipboard_files`, `clipboard_src`, and `clipboard_dest`. Exploitation requires the request to be handled in the context of a logged-in user who can reach the action, so the realistic target is a site administrator or editor tricked into loading a crafted admin-ajax.php request.
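The following is an added example, not code from the advisory or from the plugin: a small access-log triage script that flags `addImages` requests to admin-ajax.php whose advisory-listed parameters carry injection markers. The log lines are constructed for the example. Only query-string parameters appear in a web server access log, so POST bodies are invisible to this check and it should be treated as a partial signal rather than proof of compromise.

```python
"""Flag access-log entries that look like CVE-2015-1394 injection attempts.

Added example, not part of the advisory. The sample log lines are constructed.
Only query-string parameters are visible in an access log; POST bodies are not
logged, so this is a partial signal.
"""
import re
from urllib.parse import parse_qs, unquote, urlsplit

# The eight parameters named in the advisory for the addImages action.
VULN_PARAMS = {
    "sort_by", "sort_order", "items_view", "dir",
    "clipboard_task", "clipboard_files", "clipboard_src", "clipboard_dest",
}

# Markers that indicate an injection attempt once the value is URL-decoded:
# tag delimiters, a javascript: URL, or an inline event handler attribute.
INJECTION = re.compile(r"<|>|javascript:|\bon\w+\s*=", re.IGNORECASE)

# Apache/nginx "combined" access-log format (enough fields for triage).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def suspicious_params(target):
    """Return the advisory-listed parameters carrying injection markers.

    Returns [] when the request is not an addImages call to admin-ajax.php
    or when none of the listed parameters looks hostile.
    """
    parts = urlsplit(target)
    if not parts.path.endswith("/wp-admin/admin-ajax.php"):
        return []
    qs = parse_qs(parts.query, keep_blank_values=True)
    if qs.get("action", [""])[0] != "addImages":
        return []
    hits = []
    for name in sorted(VULN_PARAMS & set(qs)):
        for value in qs[name]:
            # parse_qs decoded once; decode again to catch double encoding.
            if INJECTION.search(unquote(value)):
                hits.append(name)
                break
    return hits


def scan_log(lines):
    """Parse combined-format log lines and return one finding per hit."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        params = suspicious_params(m["target"])
        if params:
            findings.append({
                "ip": m["ip"],
                "ts": m["ts"],
                "status": m["status"],
                "params": params,
            })
    return findings


# Constructed sample log: one benign addImages call, two injection attempts
# (one of them double-encoded), and one request to an unrelated action.
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Feb/2015:10:01:02 +0000] "GET /wp-admin/admin-ajax.php'
    '?action=addImages&dir=uploads&sort_by=filename HTTP/1.1" 200 512',
    '203.0.113.7 - - [12/Feb/2015:10:01:09 +0000] "GET /wp-admin/admin-ajax.php'
    '?action=addImages&dir=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 640',
    '198.51.100.4 - - [12/Feb/2015:10:02:30 +0000] "GET /wp-admin/admin-ajax.php'
    '?action=addImages&sort_order=%2522%2520onmouseover%253Dalert(1) HTTP/1.1" 200 633',
    '198.51.100.4 - - [12/Feb/2015:10:03:00 +0000] "GET /wp-admin/admin-ajax.php'
    '?action=heartbeat&dir=%3Cb%3E HTTP/1.1" 200 41',
]


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
```

Run it as-is to see the two flagged requests; point `scan_log` at real log lines to triage a site. A hit on a request with a 200 status from an authenticated session is worth correlating with the WordPress user that held that session, since the payload only fires in a logged-in victim's browser.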
Recommendations:
Update the WordPress Photo Gallery plugin to version 1.2.11 or later. If the update cannot be applied immediately, deactivate the plugin until it can be, or at minimum limit accounts that can reach the plugin's admin actions to trusted users, since exploitation requires an authenticated user. Blocking "wp-admin/admin-ajax.php" outright is rarely a viable workaround: WordPress core and other plugins use the same endpoint for front-end AJAX, including requests from unauthenticated visitors, so a blanket restriction will break unrelated functionality. Advising site operators to "avoid" the vulnerable parameters offers no protection, because the attacker, not the operator, supplies them.