Vilaysone Chanthavong

**Name of the Vulnerable Software and Affected Versions** Image Source Control Lite – Show Image Credits and Captions versions prior to 3.9.2 **Description** Insufficient input sanitization and output escaping in the 'Image Source' attachment field allow authenticated attackers with Author-level access and above to inject arbitrary web scripts. These scripts execute whenever a user accesses an affected page. Stored Cross-Site Scripting is a flaw where a malicious script is permanently stored on the target server. **Recommendations** Update to a version newer than 3.9.1.

**Name of the Vulnerable Software and Affected Versions** The Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts versions prior to 3.0.13 **Description** The plugin is susceptible to PHP Object Injection due to the deserialization of untrusted input within the `import shortcodes()` function. This allows authenticated attackers with Administrator-level access or higher to inject a PHP Object. This issue requires a POP chain (a sequence of gadgets used to achieve a specific goal during deserialization) to be present in another installed plugin or theme to have an impact. If such a chain exists, it could enable the deletion of arbitrary files, retrieval of sensitive data, or code execution. **Recommendations** Update to a version later than 3.0.12.

Name of the Vulnerable Software and Affected Versions The Quick Playground plugin for WordPress versions up to and including 1.3.1 Description The Quick Playground plugin for WordPress is susceptible to Remote Code Execution due to inadequate authorization checks on REST API endpoints. These endpoints expose a sync code and permit arbitrary file uploads. This allows unauthenticated attackers to retrieve the sync code, upload PHP files using path traversal techniques, and ultimately achieve remote code execution on the server. Recommendations Update the Quick Playground plugin to a version later than 1.3.1.

**Name of the Vulnerable Software and Affected Versions** Advance Block Extend plugin for WordPress versions through 1.0.4 **Description** The Advance Block Extend plugin for WordPress has a Stored Cross-Site Scripting issue. This is due to insufficient input sanitization and output escaping in the TitleColor block attribute within the Latest Posts Gutenberg block. Authenticated attackers with Contributor-level access or higher can inject arbitrary web scripts into pages. These scripts will execute when a user accesses the affected page. **Recommendations** Update the Advance Block Extend plugin to a version later than 1.0.4.

**Name of the Vulnerable Software and Affected Versions** Frontis Blocks versions prior to 1.1.7 **Description** The Frontis Blocks plugin for WordPress is susceptible to Server-Side Request Forgery. This is caused by inadequate restriction of the `url` parameter within the `template proxy` function. This allows unauthenticated attackers to initiate web requests to arbitrary locations from the web application. The affected API endpoints are '/template-proxy/' and '/proxy-image/'. **Recommendations** Update Frontis Blocks to version 1.1.7 or later.