4.3
CVE-2025-31814 - WordPress OwnerRez Plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in OwnerRez OwnerRez allows Cross Site Request Forgery. This issue affects OwnerRez: from n/a through 1.2.0.
6.5
CVE-2025-31813 - WordPress WPSHARE247 Elementor Addons plugin <= 2.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Website366.com WPSHARE247 Elementor Addons allows Stored XSS. This issue affects WPSHARE247 Elementor Addons: from n/a through 2.1.
6.5
CVE-2025-31812 - WordPress BuddyPress Members Only plugin <= 3.5.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tomas BuddyPress Members Only allows Stored XSS. This issue affects BuddyPress Members Only: from n/a through 3.5.3.
6.5
CVE-2025-31811 - WordPress Planyo online reservation system plugin <= 3.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in xtreeme Planyo online reservation system allows Stored XSS. This issue affects Planyo online reservation system: from n/a through 3.0.
5.3
CVE-2025-31810 - WordPress Question Answer Plugin <= 1.2.70 - Broken Access Control vulnerability
Missing Authorization vulnerability in PickPlugins Question Answer allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Question Answer: from n/a through 1.2.70.
4.3
CVE-2025-31809 - WordPress Labinator Content Types Duplicator Plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) vuβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Labinator Labinator Content Types Duplicator allows Cross Site Request Forgery. This issue affects Labinator Content Types Duplicator: from n/a through 1.1.3.
4.3
CVE-2025-31808 - WordPress SCSS WP Editor Plugin <= 1.1.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in IT Path Solutions SCSS WP Editor allows Cross Site Request Forgery. This issue affects SCSS WP Editor: from n/a through 1.1.8.
4.3
CVE-2025-31807 - WordPress Product Notices for WooCommerce plugin <= 1.3.3 - Cross Site Request Forgery (CSRF) vulneβ¦
Cross-Site Request Forgery (CSRF) vulnerability in CloudRedux Product Notices for WooCommerce allows Cross Site Request Forgery. This issue affects Product Notices for WooCommerce: from n/a through 1.3.3.
5.9
CVE-2025-31806 - WordPress Webling Plugin <= 3.9.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uSystems Webling allows Stored XSS. This issue affects Webling: from n/a through 3.9.0.
6.5
CVE-2025-31805 - WordPress Gutena Kit plugin <= 2.0.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExpressTech Systems Gutena Kit β Gutenberg Blocks and Templates allows Stored XSS. This issue affects Gutena Kit β Gutenberg Blocks and Templates: from n/a through 2.0.7.