CVE-2024-1710
CVE-2024-1710 pertains to WordPress Addon Library plugin where a missing capability check on the onAjaxAction function allows authenticated users with subscriber-level access (and higher) to perform several unauthorized actions, including uploading arbitrary files, across all versions up to 1.3.7...