Yu Iwama

Name of the Vulnerable Software and Affected Versions: Fudousan plugin versions 5.7.0 and earlier Fudousan Plugin Pro Single-User Type versions 5.7.0 and earlier Fudousan Plugin Pro Multi-User Type versions 5.7.0 and earlier Description: A cross-site scripting issue allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. Recommendations: For Fudousan plugin versions 5.7.0 and earlier, update to a version later than 5.7.0. For Fudousan Plugin Pro Single-User Type versions 5.7.0 and earlier, update to a version later than 5.7.0. For Fudousan Plugin Pro Multi-User Type versions 5.7.0 and earlier, update to a version later than 5.7.0.

Name of the Vulnerable Software and Affected Versions: Welcart e-Commerce versions prior to 2.2.4 Description: The issue allows remote attackers to inject arbitrary script or HTML via unspecified vectors, which can lead to cross-site scripting. Recommendations: For versions prior to 2.2.4, update to version 2.2.4 or later to resolve the issue.