Zaidan Rizaki

**Name of the Vulnerable Software and Affected Versions** Asset CleanUp: Page Speed Booster versions 1.3.9.8 and earlier **Description** A Server-Side Request Forgery (SSRF) issue affects the Asset CleanUp: Page Speed Booster plugin, allowing an attacker to perform Server Side Request Forgery. This could potentially lead to unauthorized access to internal resources. **Recommendations** For versions 1.3.9.8 and earlier, as a temporary workaround, consider restricting access to the plugin until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cool Plugins Cryptocurrency Widgets For Elementor versions 1.6.4 and earlier **Description** The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion. This could potentially lead to remote code execution. **Recommendations** For versions 1.6.4 and earlier, update the plugin to a patched version as soon as possible to mitigate the risk of exploitation. As a temporary workaround, consider restricting access to vulnerable PHP files or functions until a patch is available.

**Name of the Vulnerable Software and Affected Versions** I Thirteen Web Solution Responsive Filterable Portfolio versions 1.0.0 through 1.0.22 **Description** The issue is a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to perform Server Side Request Forgery. This can potentially lead to unauthorized access to internal resources. **Recommendations** For versions 1.0.0 through 1.0.22, update to a version that contains a fix for this issue, as no specific mitigation measures are provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.