Zhongfu Su

**Name of the Vulnerable Software and Affected Versions** The Gallery Plugin for WordPress versions prior to 1.8.4.7 **Description** The issue concerns the failure to escape the `REQUEST URI` parameter before outputting it back in an attribute. This could lead to Reflected Cross-Site Scripting in old web browsers. **Recommendations** For versions prior to 1.8.4.7, update to version 1.8.4.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin until the update is applied.

**Name of the Vulnerable Software and Affected Versions** @pendo324/get-process-by-name versions all **Description** The issue is related to Arbitrary Code Execution due to improper sanitization of the `getProcessByName` function. This allows for potential code execution without proper validation. **Recommendations** For all versions, consider disabling the `getProcessByName` function until a patch is available to prevent potential Arbitrary Code Execution. Restrict access to this function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Contact Form DB WordPress plugin versions prior to 1.8.0 **Description** The issue is related to Reflected Cross-Site Scripting. It occurs because the plugin does not properly sanitise and escape some parameters before outputting them back in attributes. **Recommendations** For versions prior to 1.8.0, update to version 1.8.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin's functionality until the update is applied.

**Name of the Vulnerable Software and Affected Versions** mc-kill-port versions all **Description** The issue concerns Arbitrary Command Execution via the `kill` function due to missing sanitization of the `port` argument. This allows for potential exploitation. No information is provided about the estimated number of affected devices or real-world incidents. **Recommendations** For all versions, consider disabling the `kill` function as a temporary workaround until a patch is available. Restrict access to the `port` argument in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Crowdsignal Dashboard WordPress plugin versions prior to 3.0.8 **Description** The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a `parameter` is not properly sanitised and escaped before being outputted back in the page. This allows for malicious scripts to be injected and executed. **Recommendations** For versions prior to 3.0.8, update to version 3.0.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the Crowdsignal Dashboard WordPress plugin until the update is applied.

**Name of the Vulnerable Software and Affected Versions** @acrontum/filesystem-template versions prior to 0.0.2 **Description** The issue is related to Arbitrary Command Injection due to the `fetchRepo` API missing sanitization of the `href` field of external input. This allows for potential command injection attacks. **Recommendations** For versions prior to 0.0.2, update to version 0.0.2 or later to resolve the issue. As a temporary workaround, consider disabling the `fetchRepo` API or restricting access to it until a patch is available. Avoid using the `href` field in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** CAPTCHA 4WP WordPress plugin versions prior to 7.1.0 **Description** The issue allows user input to reach a sensitive require once call in one of its admin-side templates. This can be exploited by attackers via a Cross-Site Request Forgery attack to run arbitrary code on the server. **Recommendations** For versions prior to 7.1.0, update to version 7.1.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the admin-side templates to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Advanced WordPress Reset WordPress plugin versions prior to 1.6 **Description** The issue concerns Reflected Cross-Site Scripting. It occurs because some generated URLs are not properly escaped before being outputted back in href attributes of admin dashboard pages. **Recommendations** For versions prior to 1.6, update to version 1.6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** WP Video Lightbox WordPress plugin versions prior to 1.9.5 **Description** The issue concerns the WP Video Lightbox WordPress plugin, where it fails to properly escape the `REQUEST URI` parameter before outputting it back in an attribute. This could potentially lead to Reflected Cross-Site Scripting in older web browsers. **Recommendations** For WP Video Lightbox WordPress plugin versions prior to 1.9.5, update to version 1.9.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin's functionality until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Popup Anything WordPress plugin versions prior to 2.1.7 **Description** The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitised and escaped before being outputted back in a frontend page. **Recommendations** For versions prior to 2.1.7, update to version 2.1.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the frontend page where the parameter is outputted until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Download Manager WordPress plugin versions prior to 3.2.44 **Description** The issue is related to Reflected Cross-Site Scripting. It occurs because a generated URL is not properly escaped before being outputted back in an attribute of the history dashboard. This allows for malicious scripts to be injected. **Recommendations** For versions prior to 3.2.44, update to version 3.2.44 or later to resolve the issue. As a temporary workaround, consider restricting access to the history dashboard to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Discount Rules for WooCommerce WordPress plugin versions prior to 2.4.2 **Description** The issue concerns a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly escaped before being outputted in an attribute on the plugin's discount rule page. **Recommendations** For versions prior to 2.4.2, update to version 2.4.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Advanced Database Cleaner WordPress plugin versions prior to 3.1.1 **Description** The issue is related to Reflected Cross-Site Scripting. It occurs because the plugin does not properly escape numerous generated URLs before outputting them back in href attributes of admin dashboard pages. **Recommendations** For versions prior to 3.1.1, update to version 3.1.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the admin dashboard pages to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Contact Form 7 Captcha WordPress plugin versions prior to 0.1.2 **Description** The issue arises from the failure to escape the `REQUEST URI` parameter before outputting it back in an attribute, potentially leading to Reflected Cross-Site Scripting in older web browsers. **Recommendations** For versions prior to 0.1.2, update to version 0.1.2 or later to resolve the issue. As a temporary workaround, consider restricting access to attributes that use the `REQUEST URI` parameter until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** WooCommerce PDF Invoices & Packing Slips versions prior to 2.16.0 **Description** The issue allows attackers to conduct reflected cross-site scripting attacks due to a parameter on the setting page not being properly escaped. This makes it possible for attackers to inject malicious scripts into the page. **Recommendations** For versions prior to 2.16.0, update to version 2.16.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the setting page to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** The Redirection for Contact Form 7 WordPress plugin versions prior to 2.5.0 **Description** The issue is related to a Reflected Cross-Site Scripting problem. It occurs because the plugin does not properly escape a link generated before outputting it in an attribute. This can lead to malicious scripts being executed. **Recommendations** For versions prior to 2.5.0, update to version 2.5.0 or later to resolve the issue. As a temporary workaround, consider disabling the plugin until a patch is available. Restrict access to the plugin's functionality to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Ocean Extra WordPress plugin versions prior to 1.9.5 **Description** The issue is related to a Reflected Cross-Site Scripting problem. It occurs because the plugin does not properly escape generated links when the OceanWP is active. **Recommendations** For versions prior to 1.9.5, update to version 1.9.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** XML Sitemaps WordPress plugin versions prior to 4.1.3 **Description** The issue allows high privilege users to perform Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example in multisite setups. This is due to the plugin not sanitizing and escaping settings before outputting them in the Debug page. **Recommendations** For versions prior to 4.1.3, update to version 4.1.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the Debug page to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** gatsby-plugin-mdx versions 3.0.0 through 3.15.1 gatsby-plugin-mdx versions 2.14.0 and earlier **Description** The gatsby-plugin-mdx plugin is vulnerable to Deserialization of Untrusted Data when passing input through to the `gray-matter` package, due to its default configurations that are missing input sanitization. This vulnerability can be exploited when passing input in both webpack (MDX files in `src/pages` or MDX file imported as a component in frontend / React code) and data mode (querying MDX nodes via GraphQL). The injected JavaScript executes in the context of the build server. To exploit this vulnerability, untrusted/unsanitized input would need to be sourced or added into an MDX file. **Recommendations** For gatsby-plugin-mdx versions 3.0.0 through 3.15.1, update to version 3.15.2 or later. For gatsby-plugin-mdx versions 2.14.0 and earlier, update to version 2.14.1 or later. If an older version of gatsby-plugin-mdx must be used, input passed into the plugin should be sanitized ahead of processing. As a temporary workaround, consider disabling the `JSFrontmatterEngine` option to mitigate the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Check & Log Email WordPress plugin versions prior to 1.0.6 **Description** The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitised and escaped before being outputted back in an attribute on an admin page. **Recommendations** For versions prior to 1.0.6, update to version 1.0.6 or later to resolve the issue.