Mattermost Plugins vulnerabilities

CVE-2023-3613 [LOW] CWE-863 CVE-2023-3613: Mattermost WelcomeBot plugin fails to to validate the membership status when inviting or adding user Mattermost WelcomeBot plugin fails to to validate the membership status when inviting or adding users to channels allowing guest accounts to be added or invited to channels by default.

CVE-2019-20864 [HIGH] CVE-2019-20864: An issue was discovered in Mattermost Plugins before 5.13.0. The GitHub plugin allows an attacker to An issue was discovered in Mattermost Plugins before 5.13.0. The GitHub plugin allows an attacker to attach his Mattermost account to a different person's GitHub account.