Missing Authorization to Authenticated (Contributor+) Arbitrary Option Deletion vulnerability
19 November, 2024
Authenticated (Author+) Stored CrossSite Scripting via SVG File Upload vulnerability
8 October, 2024
Missing Authorization to Authenticated (Contributor+) Arbitrary File Upload vulnerability
22 August, 2024
Authenticated (Subscriber+) Missing Authorization to Plugin Settings Update vulnerability
11 July, 2024
Authenticated Arbitrary File Upload vulnerability
18 June, 2024