WordPress Optimize More! – CSS plugin <= 1.0.3 - Cross-Site Request Forgery to Plugin Settings Reset vulnerability

Cross-Site Request Forgery to Plugin Settings Reset vulnerability discovered by Nabil Irawan in WordPress Plugin Optimize More! – CSS versions = 1.0.3...

CVE-2025-9945 Optimize More! – CSS <= 1.0.3 - Cross-Site Request Forgery to Plugin Settings Reset

The Optimize More! – CSS plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.3. This is due to missing or incorrect nonce validation on the resetplugin function. This makes it possible for unauthenticated attackers to reset the plugin's...