Tom Broucke

**Name of the Vulnerable Software and Affected Versions** FunnelKit Funnel Builder versions through 3.10.2 **Description** FunnelKit Funnel Builder is susceptible to a SQL injection flaw due to improper neutralization of special elements within SQL commands. This issue allows for potential SQL injection attacks. **Recommendations** Update FunnelKit Funnel Builder to a version later than 3.10.2.

**Name of the Vulnerable Software and Affected Versions** Ultimate Auction Pro plugin for WordPress versions up to, and including, 1.5.2 **Description** The issue is related to SQL Injection via the `auction id` parameter due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This allows unauthenticated attackers to append additional SQL queries into already existing queries, which can be used to extract sensitive information from the database. **Recommendations** For Ultimate Auction Pro plugin for WordPress versions up to, and including, 1.5.2, consider updating to a version later than 1.5.2 to resolve the issue. As a temporary workaround, consider restricting access to the `auction id` parameter in the affected API endpoint until a patch is available.

**Name of the Vulnerable Software and Affected Versions:** Beaver Builder Plugin (Starter Version) versions prior to 2.9.1 **Description:** The Beaver Builder Plugin (Starter Version) for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the `save enabled icons` function. This allows authenticated attackers with Administrator-level access and above to upload arbitrary files to the affected site's server, potentially leading to remote code execution. The vulnerability was partially addressed in version 2.9.1. **Recommendations:** Versions prior to 2.9.1: Update to version 2.9.1 or later.

**Name of the Vulnerable Software and Affected Versions** Prevent Direct Access – Protect WordPress Files plugin versions up to, and including, 2.8.8 **Description** The issue allows unauthenticated attackers to extract sensitive data, including files protected by the plugin, due to insufficient randomness of the generated file name via the `generate unique string`. This makes it possible for attackers to determine the file name and access protected files. **Recommendations** For versions up to, and including, 2.8.8, consider disabling the `generate unique string` function until a patch is available to prevent predictable file names. Restrict access to sensitive files protected by the plugin to minimize the risk of exploitation. Avoid using the plugin until a newer version with improved randomness for generated file names is released.

Name of the Vulnerable Software and Affected Versions: Search & Filter Pro plugin for WordPress versions prior to 2.5.20 Description: The issue allows unauthorized access to data due to a missing capability check on the `get meta values` function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the values of arbitrary post meta. Recommendations: For versions up to and including 2.5.19, update to version 2.5.20 or later to resolve the issue. As a temporary workaround, consider restricting access to the `get meta values` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** DefendWP Firewall versions 1.1.0 and earlier **Description** A Missing Authorization issue in DefendWP Firewall allows exploitation of incorrectly configured access control security levels. **Recommendations** For DefendWP Firewall versions 1.1.0 and earlier, update to a version that contains a fix for this issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.