WordPress Miraculous Theme < 2.0.9 is vulnerable to SQL Injection

Software Miraculous Type Theme Vulnerable versions 2.0.9 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2025-58628 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 1d5cba84a439 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity Required...

WordPress WP Announcement Plugin <=2.0.8 is vulnerable to Cross Site Scripting (XSS)

Software WP Announcement Type Plugin Vulnerable versions =2.0.8 Fixed in 2.0.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-38685 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 6b93ac81fa76 Credits Rayhan Ramdhany Hanaputra Required...

WordPress MailerLite – WooCommerce integration Plugin <= 2.0.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software MailerLite – WooCommerce integration Type Plugin Vulnerable versions = 2.0.8 Fixed in 2.0.9 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-52223 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID c583a3f3b217 Credit...

WordPress Extensions For CF7 Plugin <= 2.0.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software Extensions For CF7 Type Plugin Vulnerable versions = 2.0.8 Fixed in 2.0.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-23899 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0538927ff62d Credits István Márton...