Plugin
Authenticated (Contributor+) Arbitrary File Read via 'used_svg' and 'used_images' vulnerability
29 August, 2025
Authenticated (Author+) Stored CrossSite Scripting via SVG File Upload vulnerability
1 October, 2024
Cross Site Scripting (XSS) vulnerability
28 June, 2024
Cross Site Scripting (XSS) vulnerability
28 May, 2024
Unauthenticated Broken Access Control vulnerability
28 May, 2024