CVE-2026-1753 Gutena Forms < 1.6.1 - Contributor+ Arbitrary Limited Options Update

The Gutena Forms WordPress plugin before 1.6.1 does not validate option to be updated, which could allow contributors and above role to update arbitrary boolean and array options such as userscanregister...

GHSA-5FW9-FQ32-WV5P OS Command Injection in node-notifier

This affects the package node-notifier before 8.0.1. It allows an attacker to run arbitrary commands on Linux machines due to the options params not being sanitised when being passed an array...