Public SecNews bug reports.

Team Bounty Title
SecNews - DOM based XSS in search functionality
SecNews $300 Querying private posts and changing post meta
SecNews - Text injection on error page.
SecNews - Content spoofing due to the improper behavior of the not-found message