0.0
CVE-2025-68850 - WordPress Sell Downloads plugin <= 1.1.12 - Broken Access Control vulnerability
Missing Authorization vulnerability in codepeople Sell Downloads sell-downloads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sell Downloads: from n/a through <= 1.1.12.
7.5
CVE-2025-68547 - WordPress Follow My Blog Post plugin <= 2.4.0 - Arbitrary Content Deletion vulnerability
Missing Authorization vulnerability in wpweb Follow My Blog Post follow-my-blog-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Follow My Blog Post: from n/a through <= 2.4.0.
0.0
CVE-2025-68044 - WordPress Five Star Restaurant Reservations plugin <= 2.7.4 - Insecure Direct Object References (IDβ¦
Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through <= 2.7.4.
0.0
CVE-2025-68033 - WordPress Custom Related Posts plugin <= 1.8.0 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Brecht Custom Related Posts custom-related-posts allows Retrieve Embedded Sensitive Data.This issue affects Custom Related Posts: from n/a through <= 1.8.0.
0.0
CVE-2025-68029 - WordPress Wallet System for WooCommerce plugin <= 2.7.3 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in WP Swings Wallet System for WooCommerce wallet-system-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Wallet System for WooCommerce: from n/a through <= 2.7.3.
0.0
CVE-2025-68014 - WordPress AweBooking plugin <= 3.2.26 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in awethemes AweBooking awebooking allows Retrieve Embedded Sensitive Data.This issue affects AweBooking: from n/a through <= 3.2.26.
5.3
CVE-2026-0586 - code-projects Online Product Reservation System prod.php cross site scripting
A vulnerability was detected in code-projects Online Product Reservation System 1.0. The affected element is an unknown function of the file handgunner-administrator/prod.php. Performing a manipulation of the argument cat results in cross site scripting. The attack is possible to be carried out remβ¦
9.9
CVE-2025-31048 - WordPress Shopo <= 1.1.4 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through 1.1.4.
8.8
CVE-2025-31047 - WordPress Themify Edmin theme <= 2.0.0 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection.This issue affects Themify Edmin: from n/a through 2.0.0.
4.3
CVE-2025-31046 - WordPress AnyWhere Elementor Pro plugin <= 2.29 - Broken Access Control Vulnerability
Missing Authorization vulnerability in WPvibes AnyWhere Elementor Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyWhere Elementor Pro: from n/a through 2.29.