Missing Authorization vulnerability in G5Plus products Multiple plugins and/or themes for WordPress using Smart Framework are vulnerable to Stored Cross-Site Scripting due to a missing capability check on the saveOptions() and importThemeOptions() functions in various versions.
Missing Authorization vulnerability in Favethemes Homey The Homey theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the homey_reservation_del() function in all versions up to, and including, 2.4.4.
Missing Authorization vulnerability in Flynax Bridge The Flynax Bridge plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deleteUser() function in all versions up to, and including, 2.2.0.