WordPress Black Rider theme <= 1.2.3 - Sensitive Data Exposure vulnerability

Software : Black Rider Type : Theme Vulnerable versions : = 1.2.3 OWASP Top 10 : A3: Sensitive Data Exposure Classification : Sensitive Data Exposure CVE ID : CVE-2025-59003 Patchstack priority : Medium CVSS severity : 5.8 Required privilege : Unauthenticated Developer : Claim ownership PSID :...

WordPress Plugin Optimizer plugin <= 1.3.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Plugin Optimizer versions = 1.3.7...

WordPress Flow-Flow Social Feed Stream plugin 3.0.0-4.7.5 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting

Missing Authorization to Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by kr0d in WordPress Plugin Flow-Flow Social Stream versions 3.0.0-4.7.5...

WordPress Like DisLike Voting plugin <= 1.0.1 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability

Reflected Cross-Site Scripting via $SERVER'PHPSELF' vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Like DisLike Voting versions = 1.0.1...

WordPress WP Delicious Plugin < 1.5.3 is vulnerable to Cross Site Scripting (XSS)

Software WP Delicious Type Plugin Vulnerable versions 1.5.3 Fixed in 1.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f958188390a5 Credits Rafie Muhammad Patchstack Required...