The WP User Frontend WordPress plugin before 3.5.29 uses a user supplied argument called urhidden in its registration form, which contains the role for the…

An API Endpoint used by Miele’s “AppWash” MobileApp in all versions was vulnerable to an authorization bypass. A low privileged, remote attacker would have been…