Strapi has addressed four security vulnerabilities in its platform, thanks to the contributions from community members and a diligent internal process that involved testing, validation, and communication. The vulnerabilities affected various components, including the content-manager plugin, rate-limiting middleware, RBAC permissions, and the handling of custom fields during user registration. In response, Strapi has released patches, urging users to upgrade to version v4.13.5 or greater to ensure all issues are resolved and has shared detailed disclosures following a mandatory waiting period to allow users time to upgrade. The company emphasizes responsible disclosure to protect users from potential exploitation and has communicated the necessary updates to its enterprise and cloud customers. Strapi appreciates the professional conduct of security researchers in identifying and helping to fix these vulnerabilities and encourages others to report any potential security issues through their established channels.