Cross-Site Request Forgery (CSRF) vulnerability in Codebangers All in One Time Clock Lite aio-time-clock-lite allows Cross Site Request Forgery.This issue affects All in One Time Clock Lite: from n/a through < 1.3.326.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Codebangers All in One Time Clock Lite plugin <= 1.3.320 versions.