I went for coffee and came back with 6 vulnerabilities in WordPress plugins
A security researcher discovered six vulnerabilities across popular WordPress plugins and components during a short break. The findings include an unauthenticated arbitrary file upload in Royal Elementor Addons via an exposed AJAX nonce, CSS injection in Appointment Hour Booking allowing site defacement, error-based SQL injection in Tutor LMS due to improper use of sanitize_text_field(), SSRF in Better WP Security and SAML SSO plugins enabling internal network scanning and cloud metadata theft, and an open redirect in WooCommerce's REST API auth flow caused by using wp_redirect() instead of wp_safe_redirect(). The common root cause across all findings is blind trust in user input and missing input validation.
Table of contents
1. Royal Elementor Addons — Arbitrary File Upload
2. Appointment Hour Booking — CSS Injection
3. Tutor LMS — SQL Injection
4. Better WP Security — SSRF
5. SAML SSO — SSRF
6. WooCommerce — Open Redirect
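Two of the root causes in the summary are WordPress API misuses that look correct at a glance: treating sanitize_text_field() as SQL escaping, and redirecting with wp_redirect() instead of wp_safe_redirect(). The following is an added example, not code from the article or from any of the plugins it names; the table, function and host names are constructed for illustration.

```php
<?php
// Added example: each misuse the summary describes, beside a hardened form.
// Table, function and host names are constructed, not taken from any plugin.

// --- 1. sanitize_text_field() is not SQL escaping ---
// It strips tags, invalid octets and extra whitespace, but leaves quotes and
// SQL keywords intact, so interpolating its output into a query is still
// injectable. Only $wpdb->prepare() (or an integer cast) fixes that.
function example_lookup_unsafe( string $term ) {
    global $wpdb;
    $term = sanitize_text_field( $term );   // looks "sanitized", is not SQL-safe
    // Vulnerable: the value is concatenated straight into the SQL string.
    return $wpdb->get_results(
        "SELECT id, title FROM {$wpdb->prefix}example_items WHERE title = '$term'"
    );
}

function example_lookup_safe( string $term ) {
    global $wpdb;
    $term = sanitize_text_field( $term );
    // Hardened: %s is bound as a quoted literal, so characters in $term
    // cannot alter the query structure.
    return $wpdb->get_results(
        $wpdb->prepare(
            "SELECT id, title FROM {$wpdb->prefix}example_items WHERE title = %s",
            $term
        )
    );
}

// --- 2. wp_redirect() vs wp_safe_redirect() ---
// wp_redirect() sends the browser to any absolute URL. wp_safe_redirect()
// runs the target through wp_validate_redirect() and falls back to
// admin_url() unless the host is this site or is on the
// 'allowed_redirect_hosts' allowlist.
function example_after_auth_unsafe() {
    $target = isset( $_GET['return_url'] ) ? $_GET['return_url'] : home_url();
    wp_redirect( $target );   // open redirect: caller picks an off-site host
    exit;
}

function example_after_auth_safe() {
    $target = isset( $_GET['return_url'] )
        ? esc_url_raw( wp_unslash( $_GET['return_url'] ) )
        : home_url();
    wp_safe_redirect( $target, 302 );   // off-site hosts fall back to admin_url()
    exit;
}

// Only hosts explicitly allowlisted may be redirected to off-site, e.g. an IdP.
add_filter( 'allowed_redirect_hosts', function ( array $hosts ) {
    $hosts[] = 'sso.example.com';   // constructed placeholder host
    return $hosts;
} );
```

A quick audit check for the first pattern is to grep plugin code for `$wpdb->` calls whose SQL string contains interpolated variables without a surrounding `$wpdb->prepare()`; sanitize_*() calls earlier in the function do not make such a query safe.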