Yougina

**Name of the Vulnerable Software and Affected Versions** Hibernate (affected versions not specified) **Description** A flaw exists in Hibernate that allows a remote attacker with low privileges to exploit a second-order SQL injection. The issue occurs when specially crafted, unsanitized non-alphanumeric characters are provided in the ID column while using the `InlineIdsOrClauseBuilder`. Successful exploitation could lead to sensitive information disclosure, including the ability to read system files, and allow for data manipulation or deletion within the application's database, potentially resulting in an application-level denial of service. A second-order SQL injection occurs when an application receives data from a trusted source but does not properly sanitize it before using it in a database query. The `InlineIdsOrClauseBuilder` is a component used to construct SQL queries. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WP SMTP plugin for WordPress versions 1.2 to 1.2.6 **Description** The issue allows authenticated attackers with administrator-level access and above to perform SQL Injection via the `search` parameter due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This enables attackers to append additional SQL queries into already existing queries, potentially extracting sensitive information from the database. **Recommendations** For WP SMTP plugin for WordPress versions 1.2 to 1.2.6, consider restricting access to the `search` parameter to minimize the risk of exploitation until a patch is available. Avoid using the `search` parameter in affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Smart Slider 3 plugin for WordPress versions up to, and including, 3.5.1.22 **Description** The issue arises from a missing capability check on the upload function, allowing authenticated attackers with contributor-level access and above to upload files, including SVG files. This can be used to conduct stored cross-site scripting attacks. **Recommendations** For versions up to, and including, 3.5.1.22, update to a version higher than 3.5.1.22 to resolve the issue. As a temporary workaround, consider restricting access to the upload function to prevent unauthorized file uploads until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Booster Elite for WooCommerce plugin for WordPress versions up to, and including, 7.1.7 **Description** The issue arises from missing file type validation in the `wc add new product()` function, allowing arbitrary file uploads. This could potentially lead to remote code execution when the user product upload functionality is enabled, exploitable by customer-level attackers and above. **Recommendations** For versions up to, and including, 7.1.7, update to a version newer than 7.1.7 to resolve the issue. As a temporary workaround, consider disabling the user product upload functionality until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Ultimate Member versions 2.1.3 through 2.8.2 **Description** The issue is related to a SQL injection vulnerability in the Ultimate Member plugin for WordPress. This vulnerability can be exploited by unauthenticated attackers to append additional SQL queries to existing ones, potentially allowing them to extract sensitive information from the database. The vulnerability is caused by insufficient escaping on user-supplied parameters and a lack of sufficient preparation on existing SQL queries. It is estimated that over 200,000 websites are potentially affected by this issue. There have been reports of attempts to exploit this vulnerability, highlighting the need for prompt action to secure affected sites. **Recommendations** To resolve the issue, update the Ultimate Member plugin to version 2.8.3 or later. This update addresses the SQL injection vulnerability and helps prevent data breaches. Additionally, consider implementing two-factor authentication and using strong passwords to further enhance security. Regularly updating plugins and themes is also crucial in maintaining the security of WordPress sites.

**Name of the Vulnerable Software and Affected Versions** MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance versions through 4.4.3.3 **Description** The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as 'SQL Injection'. This allows for potential exploitation by injecting malicious SQL code. **Recommendations** For versions through 4.4.3.3, update to a version later than 4.4.3.3 to resolve the issue. As a temporary workaround, consider restricting access to sensitive database operations to minimize the risk of exploitation.