#auth

Cross-Site Request Forgery (CSRF) vulnerability in Sybre Waaijer Pro Mime Types – Manage file media types plugin <= 1.0.7 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Designs & Code Forget About Shortcode Buttons plugin <= 2.1.2 versions.

Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin <= 3.7.1 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Palasthotel by Edward Bock, Katharina Rompf Sunny Search plugin <= 1.0.2 versions.

Cross-Site Request Forgery (CSRF) vulnerability in WP Reactions, LLC WP Reactions Lite plugin <= 1.3.8 versions.

Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups.

H5P metadata automatically populated the author with the user's username, which could be sensitive information.

Cross-Site Request Forgery (CSRF) vulnerability in Benedict B., Maciej Gryniuk Hyphenator plugin <= 5.1.5 versions.

Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Add-Ons plugin <= 6.1.3 versions.

Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce AutomateWoo plugin <= 5.7.1 versions.