WordPress Directorist plugin <= 8.5.2 - Missing Authorization to Authenticated (Subscriber+) Data Export and Slug Update vulnerability

Missing Authorization to Authenticated Subscriber+ Data Export and Slug Update vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Directorist versions = 8.5.2...

CVE-2023-2495 Greeklish-permalink < 3.5 - Unauthenticated Post Slug Update

The Greeklish-permalink WordPress plugin through 3.3 does not implement correct authorization or nonce checks in the cyrtransajaxold AJAX action, allowing unauthenticated and low-privilege users to trigger the plugin's functionality to change Post slugs either directly or through CSRF...