Vulnerability history

Remote Code Execution (RCE) vulnerability

Server Side Request Forgery (SSRF) vulnerability

Maintenance Mode Bypass vulnerability

Information Exposure vulnerability

Unauthenticated Arbitrary CSS Update vulnerability

Authenticated Remote Code Execution (RCE) vulnerability

Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Arbitrary Post Read (draft, pending, private or even password-protected) vulnerability

Unauthenticated Subscribers List Export vulnerability

Unauthenticated Plugin Deactivation vulnerability