4.7.3 Authenticated (Contributor+) Stored CrossSite Scripting via wpml_language_switcher Shortcode
1 May, 2025
Authenticated (Contributor+) Remote Code Execution via Twig ServerSide Template Injection vulnerability
21 August, 2024
CrossSite Request Forgery (CSRF) vulnerability
9 November, 2022
CrossSite Request Forgery (CSRF) vulnerability
9 November, 2022
Broken Access Control vulnerability
9 November, 2022