Cross-Site Request Forgery (CSRF) leading to Persistent Cross-Site Scripting (XSS) vulnerability discovered by Ex.Mi (Patchstack) in WordPress PNG to JPG plugin (versions <= 4.0).
Update the WordPress PNG to JPG plugin to the latest available version (at least 4.1).