WordPress Checkout Mestres do WP for WooCommerce 8.7.5 Missing Authentication

WordPress Checkout Mestres do WP for WooCommerce plugin versions 8.6.5 through 8.7.5 suffer from a missing authentication vulnerability that allows you to update options...

CVE-2021-36915

Cross-Site Request Forgery CSRF vulnerability in Cozmoslabs Profile Builder plugin = 3.6.0 at WordPress allows uploading the JSON file and updating the options. Requires Import and Export add-on...