Hacked or malicious owner can steal all tokens
Lines of code Vulnerability details Tokens for all active drips are stored in the DripsHub contract. Since DripsHub is an upgradeable ERC1967Proxy, a malicious or hacked owner can simply upgrade the contract to include e.g., the following function: function stealTokensIERC20 token, address to,...