Wpdabh

**Name of the Vulnerable Software and Affected Versions** WP Calameo versions 2.1.7 and earlier **Description** The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting (XSS). This means that an attacker can inject malicious scripts into the website, potentially leading to unauthorized access or other malicious activities. **Recommendations** For WP Calameo versions 2.1.7 and earlier, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ticket Tailor versions 1.10 and earlier **Description** The issue is related to improper neutralization of input during web page generation, which allows for Stored XSS. This means an attacker can inject malicious scripts into the website, potentially affecting users who access the compromised pages. **Recommendations** For versions 1.10 and earlier, update to a version that contains a fix for this issue, as using outdated versions may expose users to Stored XSS attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ultra Companion – Companion plugin for WPoperation Themes versions 1.1.9 and earlier **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject malicious scripts into the website, potentially leading to unauthorized access or data theft. **Recommendations** For versions 1.1.9 and earlier, update to a version later than 1.1.9 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Themify Icons versions n/a through 2.0.1 **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject malicious scripts into the website, potentially affecting users who access the compromised page. **Recommendations** For Themify Icons versions n/a through 2.0.1, update to a version later than 2.0.1 to resolve the issue. At the moment, there is no information about other specific mitigation measures for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Epiphyt Embed Privacy versions 1.8.0 and earlier **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows Stored XSS. This means that an attacker can inject malicious scripts into the website, potentially leading to unauthorized access or control. **Recommendations** For Epiphyt Embed Privacy versions 1.8.0 and earlier, update to a version later than 1.8.0 to resolve the issue. At the moment, there is no information about other specific mitigation measures for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WP Tabs – Responsive Tabs Plugin for WordPress versions prior to 2.2.0 **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject malicious scripts into the website, potentially leading to unauthorized access or other malicious activities. **Recommendations** For WP Tabs – Responsive Tabs Plugin for WordPress versions prior to 2.2.0, update to a version 2.2.0 or later to resolve the issue. As a temporary workaround, consider disabling the plugin until a patch is available. Restrict access to the plugin's functionality to minimize the risk of exploitation. Avoid using the plugin's features that allow user input until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** WooCommerce Menu Extension versions 1.6.2 and earlier **Description** The issue is related to improper neutralization of input during web page generation, which leads to a Stored XSS vulnerability. This allows for the storage of malicious scripts in the database, which are then executed when the affected page is viewed. **Recommendations** For versions 1.6.2 and earlier, update to a version that contains a fix for this issue, as the current version is affected by the Stored XSS vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.