Analysis of two arbitrary code execution vulnerabilities affecting WPS Office