WordPress Plugin Student Result or Employee Database is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently update or delete student records with knowledge of only the student id number. WordPress Plugin Student Result or Employee Database version 1.6.3 is vulnerable; prior versions may also be affected.
Update to plugin version 1.6.4 or latest
WordPress Plugin AJAX Post Search 'srch_txt' Parameter SQL Injection (1.2)
WordPress Plugin Chameleon CSS SQL Injection (1.2)
WordPress Plugin API Bearer Auth Cross-Site Scripting (20181229)
WordPress Plugin File Manager Cross-Site Scripting (2.9)