Taiyou

**Name of the Vulnerable Software and Affected Versions** Custom 404 Pro versions through 3.12.0 **Description** A Cross-Site Request Forgery issue exists in Kunal Nagar Custom 404 Pro. This allows attackers to perform actions on behalf of authenticated users. The issue affects Custom 404 Pro WordPress Plugin. **Recommendations** Update Custom 404 Pro to a version later than 3.12.0.

Name of the Vulnerable Software and Affected Versions: LiteSpeed Cache versions n/a through 7.0.1 Description: A Server-Side Request Forgery (SSRF) vulnerability exists in LiteSpeed Cache. This issue allows for potentially malicious requests to be made from the server. Recommendations: Update LiteSpeed Cache to a version later than 7.0.1.

Name of the Vulnerable Software and Affected Versions: LiteSpeed Cache versions through 6.5.1 Description: The issue is related to an Incorrect Privilege Assignment vulnerability in LiteSpeed Cache, allowing Privilege Escalation. This vulnerability enables an attacker to gain administrative privileges due to weak security hash verification. Over 6 million WordPress sites are potentially at risk. The vulnerability has been actively exploited, highlighting critical security implications for WordPress users. Recommendations: For LiteSpeed Cache versions through 6.5.1, update to version 6.5.2 to mitigate the risk and protect your website from potential exploits. As a temporary workaround, consider reviewing and limiting user roles and permissions on your WordPress sites, and ensure that recent backups of your website are available and up-to-date in case of an attack. Restrict access to the vulnerable plugin to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** LiteSpeed Cache versions through 6.4.1 **Description** A Relative Path Traversal issue is present in LiteSpeed Technologies LiteSpeed Cache, allowing for Path Traversal. **Recommendations** For versions through 6.4.1, update to a version later than 6.4.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** LiteSpeed Cache versions through 6.5.0.2 **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS) or Stored XSS. This allows Stored XSS attacks. **Recommendations** For versions through 6.5.0.2, update to a version later than 6.5.0.2 to resolve the issue. As a temporary workaround, consider restricting user input to minimize the risk of exploitation. Avoid using potentially vulnerable features in LiteSpeed Cache until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** LiteSpeed Cache versions through 6.5.0.2 **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS, which can be exploited by attackers to execute arbitrary JavaScript and potentially hijack accounts. The vulnerability affects over six million active installations of the LiteSpeed Cache plugin for WordPress. There have been reports of this issue being actively exploited. **Recommendations** For versions through 6.5.0.2, update to version 6.5.1 to resolve the issue. As a temporary workaround, consider disabling the CSS Combine and Generate UCSS optimization settings to minimize the risk of exploitation. Restrict access to the vulnerable plugin until the update is applied.

**Name of the Vulnerable Software and Affected Versions** libexpat versions prior to 2.6.3 **Description** The issue is related to a problem in the libexpat library, which is used for parsing XML files. It is caused by the library's failure to properly restrict references to external XML entities. This can allow an attacker to execute arbitrary code. The problem is specifically located in the xmlparse.c file, which does not reject a negative length for XML ParseBuffer. **Recommendations** For libexpat versions prior to 2.6.3, update to version 2.6.3 or later to resolve the issue. As a temporary workaround, consider disabling the use of external XML entities in the libexpat library until a patch is available. Restrict access to the xmlparse.c function to minimize the risk of exploitation. Avoid using the XML ParseBuffer function with negative lengths until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** libexpat versions prior to 2.6.3 **Description** An issue was discovered in libexpat that is related to an integer overflow in the `dtdCopy()` function in the `xmlparse.c` file. This issue can occur on 32-bit platforms and may allow a remote attacker to cause a denial of service or execute arbitrary code. **Recommendations** For libexpat versions prior to 2.6.3, update to version 2.6.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `dtdCopy()` function in the `xmlparse.c` file until a patch is available.

**Name of the Vulnerable Software and Affected Versions** libexpat versions prior to 2.6.3 **Description** An issue was discovered in libexpat, where the `nextScaffoldPart` function in `xmlparse.c` can have an integer overflow for `m groupSize` on 32-bit platforms. This can allow a remote attacker to cause a denial of service or execute arbitrary code. The issue is related to the failure to properly handle integer overflows, which can lead to security vulnerabilities. **Recommendations** For libexpat versions prior to 2.6.3, update to version 2.6.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `nextScaffoldPart` function in `xmlparse.c` to minimize the risk of exploitation. Avoid using libexpat on 32-bit platforms until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Moodle versions (affected versions not specified) **Description** A SQL injection risk flaw was found in the XMLDB editor tool available to site administrators. This issue is related to the lack of protection against SQL query structure exploitation, which may allow a remote attacker to execute arbitrary SQL queries in the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** pdfTeX (affected versions not specified) **Description** A flaw was found in pdfTeX, where insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.