BuddyBoss Theme — Vulnerabilities & Security Advisories 3

All 3 CVE vulnerabilities found in BuddyBoss Theme, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-13858	BuddyBoss Platform and BuddyBoss Theme <= Multiple Versions - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'invitee_name' CWE-79	6.4	Medium	2025-05-02
CVE-2024-37925	WordPress BuddyBoss Theme theme <= 2.4.61 - Cross Site Request Forgery (CSRF) vulnerability CWE-352	5.4	Medium	2025-01-02
CVE-2023-51477	WordPress BuddyBoss Theme theme <= 2.4.60 - Unauth. Arbitrary WordPress Settings Change vulnerability CWE-287	9.8	Critical	2024-04-24

All 3 known CVE vulnerabilities affecting BuddyBoss Theme with full Chinese analysis, references, and POCs where available.