WordPress URL Image Importer plugin <= 1.0.7 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability

Authenticated Author+ Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by bxdman in WordPress Plugin URL Image Importer versions = 1.0.7...

WordPress Media Author Plugin <= 1.0.4 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Bao BlueRock in WordPress Plugin Media Author versions = 1.0.4...