Vulnerability history
0 present
12 patched
Unauthenticated Arbitrary PHP Object Instantiation vulnerability
9.8
3 April, 2025
CrossSite Request Forgery to Stored CrossSite Scripting vulnerability
7.1
27 March, 2025
Reflected CrossSite Scripting via 'account_id' and 'account_username' vulnerability
7.1
27 March, 2025
Reflected CrossSite Scripting via envato_code[] vulnerability
7.1
2 September, 2024
Authenticated (Contributor+) Stored CrossSite Scripting via button Shortcode vulnerability
6.5
4 June, 2024
