WordPress WooBuddy plugin <= 3.4.25 - Cross-Site Request Forgery to Limited Settings Update vulnerability

Cross-Site Request Forgery to Limited Settings Update vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin WooBuddy versions = 3.4.25...

WordPress WooBuddy plugin <= 3.4.24 - Missing Authorization to Authenticated (Subscriber+) Limited Settings Update vulnerability

Missing Authorization to Authenticated Subscriber+ Limited Settings Update vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin WooBuddy versions = 3.4.24...

CVE-2024-35726 WordPress WooBuddy plugin <= 3.4.19 - Broken Access Control vulnerability

Missing Authorization vulnerability in ThemeKraft WooBuddy.This issue affects WooBuddy: from n/a through 3.4.19...

WordPress WooBuddy plugin <= 3.4.20 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin WooBuddy versions = 3.4.20...

WordPress WooBuddy Plugin <= 3.4.15 is vulnerable to Cross Site Scripting (XSS)

Software WooBuddy Type Plugin Vulnerable versions = 3.4.15 Fixed in 3.4.16 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 2e4b04e137df Credits Rafie Muhammad Patchstack Required...