Front End Users

Authenticated (Contributor+) TimeBased SQL Injection vulnerability <= 3.2.28

Authenticated (Contributor+) Stored CrossSite Scripting via Shortcode vulnerability <= 3.2.28

Cross Site Request Forgery (CSRF) vulnerability <= 3.2.24

Cross Site Scripting (XSS) vulnerability < 3.2.25