Yamil Rosa

Name of the Vulnerable Software and Affected Versions: WP Front-end login and register plugin for WordPress versions up to, and including, 2.1.0 Description: The issue arises from insufficient input sanitization and output escaping, allowing unauthenticated attackers to inject arbitrary web scripts in pages via the `email` and `wpmp reset password token` parameters. This enables attackers to execute scripts if they can trick a user into performing an action, such as clicking on a link. Recommendations: For versions up to, and including, 2.1.0, consider disabling the `email` and `wpmp reset password token` parameters until a patch is available to prevent exploitation. Restrict access to the affected plugin to minimize the risk of arbitrary web script injection. Avoid using the `email` and `wpmp reset password token` parameters in the affected plugin until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** RSS Icon Widget plugin for WordPress versions up to, and including, 5.2 **Description** The issue is related to Stored Cross-Site Scripting via the `link color` parameter due to insufficient input sanitization and output escaping. This allows authenticated attackers with administrator-level access to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The issue only affects multi-site installations and installations where unfiltered html has been disabled. **Recommendations** For versions up to, and including, 5.2, consider disabling the `link color` parameter until a patch is available to prevent exploitation. Restrict access to the plugin's functionality to minimize the risk of arbitrary web script injection. Update to a version that includes the necessary input sanitization and output escaping fixes when available.

**Name of the Vulnerable Software and Affected Versions** Toggles Shortcode and Widget plugin for WordPress versions up to, and including, 1.14 **Description** The issue is related to stored cross-site scripting due to insufficient input sanitization and output escaping through the `content` parameter. This allows authenticated attackers with administrator-level access to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The issue only affects multi-site installations and installations where unfiltered html has been disabled. **Recommendations** For versions up to, and including, 1.14, update to a version later than 1.14 to resolve the issue. As a temporary workaround, consider restricting access to the `content` parameter in the affected plugin until a patch is available. Restrict access to the plugin's functionality in multi-site installations and installations where unfiltered html has been disabled to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** 360 Javascript Viewer plugin for WordPress versions up to, and including, 1.7.29 **Description** The issue is related to Stored Cross-Site Scripting via the `ref` parameter due to insufficient input sanitization and output escaping. This allows authenticated attackers with administrator-level access to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The issue only affects multi-site installations and installations where unfiltered html has been disabled. **Recommendations** For versions up to, and including, 1.7.29, update to a version that addresses the insufficient input sanitization and output escaping issue. As a temporary workaround, consider restricting access to the `ref` parameter to minimize the risk of exploitation. Additionally, ensure that unfiltered html is enabled, if possible, to reduce the attack surface.