
Vishal12M

#21501 of 53,632
11.3 Total CVSS
Vulnerabilities · 2
Medium
2
PT-2021-16290
6.5
2021-12-13
WordPress · Filter Portfolio Gallery · CVE-2021-24795
Name of the Vulnerable Software and Affected Versions: Filter Portfolio Gallery WordPress plugin versions 1.5 and earlier
Description: The issue is related to a lack of Cross-Site Request Forgery (CSRF) check when deleting a Gallery. This could allow attackers to make a logged-in admin delete arbitrary Galleries.
Recommendations: For Filter Portfolio Gallery WordPress plugin versions 1.5 and earlier, update to a version that includes a CSRF check for gallery deletion to prevent unauthorized modifications. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2021-16280
4.8
2021-10-25
WordPress · The Great Quotes · CVE-2021-24785
Name of the Vulnerable Software and Affected Versions: The Great Quotes WordPress plugin version 1.0.0
Description: The issue concerns the lack of sanitization and escaping of the `Quote` and `Author` fields in the plugin's Quotes, potentially allowing high-privilege users to perform Cross-Site Scripting attacks, even when the `unfiltered_html` capability is disallowed.
Recommendations: For The Great Quotes WordPress plugin version 1.0.0, update to a version that properly sanitizes and escapes the `Quote` and `Author` fields to prevent Cross-Site Scripting attacks.