Unauthenticated PHP Object Injection to Limited Remote Code Execution vulnerability
2 June, 2025
Admin+ Stored XSS vulnerability
31 January, 2025
Authenticated (Author+) Stored CrossSite Scripting via SVG File Upload vulnerability
27 August, 2024
Server Side Request Forgery (SSRF) vulnerability
30 May, 2024
Broken Access Control vulnerability
19 January, 2024