Sirv

Cross Site Scripting (XSS) Vulnerability <= 7.5.3

Missing Authorization to Authenticated (Contributor+) Arbitrary Option Deletion vulnerability <= 7.3.0

Authenticated (Author+) Stored CrossSite Scripting via SVG File Upload vulnerability <= 7.2.9

Missing Authorization to Authenticated (Contributor+) Arbitrary File Upload vulnerability <= 7.2.7

Authenticated (Subscriber+) Missing Authorization to Plugin Settings Update vulnerability <= 7.2.7