WordPress PWA plugin <= 1.6.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability

Authenticated Author+ Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by Francesco Carlucci in WordPress Plugin PWA versions = 1.6.3...

WordPress PWA for WP & AMP plugin <= 1.7.72 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc Patchstack Alliance in WordPress Plugin PWA for WP & AMP versions = 1.7.72...