WordPress eMagicOne Store Manager for WooCommerce plugin <= 1.2.5 - Unauthenticated Arbitrary File Upload via set_image() vulnerability

Unauthenticated Arbitrary File Upload via setimage vulnerability discovered by Ryan Kozak in WordPress Plugin eMagicOne Store Manager versions = 1.2.5...

WordPress g-FFL Cockpit plugin <= 1.7.1 - Missing Authorization to Unauthenticated Information Exposure vulnerability

Missing Authorization to Unauthenticated Information Exposure vulnerability discovered by Ryan Kozak in WordPress Plugin g-FFL Cockpit versions = 1.7.1...

WordPress Bread & Butter plugin <= 7.11.1374 - Cross-Site Request Forgery to Arbitrary File Upload vulnerability

Cross-Site Request Forgery to Arbitrary File Upload vulnerability discovered by Ryan Kozak in WordPress Plugin Bread & Butter versions = 7.11.1374...

WordPress AI Feeds plugin <= 1.0.11 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by Ryan Kozak in WordPress Plugin AI Feeds versions = 1.0.11...

WordPress S2B AI Assistant – ChatBot, ChatGPT, OpenAI, Content & Image Generator plugin <= 1.7.8 - Authenticated (Editor+) Arbitrary File Upload vulnerability

Authenticated Editor+ Arbitrary File Upload vulnerability discovered by Ryan Kozak in WordPress Plugin S2B AI Assistant versions = 1.7.8...