Essential Real Estate

Cross Site Request Forgery (CSRF) vulnerability <= 5.1.8

Missing Authorization to Authenticated (Contributor+) Information Exposure vulnerability <= 5.1.6

Authenticated (Contributor+) Stored CrossSite Scripting via Shortcode vulnerability <= 4.4.2

Insecure Direct Object Reference to Arbitrary Attachment Deletion vulnerability <= 4.4.4

Authenticated (Subscriber+) Arbitrary File Upload vulnerability <= 4.3.5