Authenticated (Contributor+) Stored DOMBased CrossSite Scripting via FancyBox 5 JavaScript Library vulnerability
3 April, 2025
Authenticated (Author+) Arbitrary File Upload vulnerability
7 January, 2025
Incomplete Authorization via 'save_image' and 'save_images' vulnerability
12 September, 2023
Unauth. Plugin Settings Change vulnerability
28 October, 2022
Reflected CrossSite Scripting (XSS) vulnerability
6 June, 2022