WordPress ZoloBlocks 插件 <= 2.3.11 - 缺少对未认证弹出窗口启用/禁用的授权漏洞

WordPress 为特定模板禁用内容编辑器插件 <= 2.0 - 跨站请求伪造到模板配置更新漏洞

WordPress RapidResult plugin <= 1.2 - Authenticated (Contributor+) SQL Injection vulnerability

WordPress WooCommerce插件的灵活退款和退货订单 <= 1.0.38 - 缺少对已认证（订阅者+）任意订单退款的授权漏洞

WordPress PixelYourSite plugin <= 11.1.2 – Cross-Site Request Forgery to GDPR Options Modification vulnerability

WordPress Image optimization service by Optimole plugin <= 4.1.0 - Insecure Direct Object Reference to Authenticated (Author+) Media Offload vulnerability

WordPress LearnPress – WordPress LMS Plugin plugin <= 4.2.9.3 - Missing Authorization to Unauthenticated Database Table Manipulation vulnerability

WordPress 主题编辑器插件 <= 3.0 - 跨站请求伪造到远程代码执行漏洞

WordPress LearnPress – WordPress LMS Plugin plugin <= 4.2.9.3 - Missing Authorization to Unauthenticated Database Table Manipulation vulnerability

WordPress GSpeech TTS – WordPress Text To Speech Plugin plugin <= 3.17.13 - Authenticated (Admin+) SQL injection vulnerability