Authorization
The Theme and plugin translation for Polylang is vulnerable to authorization bypass in versions up to, and including, 3.2.16 due to missing capability checks in the processpolylangthemetranslationwploaded function. This makes it possible for unauthenticated attackers to update plugin and theme...