ZoomSounds plugin for WordPress versions up to 5.96 contains a file upload vulnerability caused by missing file type validation in 'savepng.php', letting unauthenticated attackers upload arbitrary ...