4.3
CVE-2025-31843 - WordPress OpenAI Tools for WordPress & WooCommerce plugin <= 2.1.5 - Broken Access Control vulnerabβ¦
Missing Authorization vulnerability in Wilson OpenAI Tools for WordPress & WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects OpenAI Tools for WordPress & WooCommerce: from n/a through 2.1.5.
5.3
CVE-2025-31842 - WordPress Viral Loops WP Integration Plugin <= 3.4.0 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in viralloops Viral Loops WP Integration allows Retrieve Embedded Sensitive Data. This issue affects Viral Loops WP Integration: from n/a through 3.4.0.
4.3
CVE-2025-31840 - WordPress Simple Fixed Notice Plugin <= 1.6 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in digireturn Simple Fixed Notice allows Cross Site Request Forgery. This issue affects Simple Fixed Notice: from n/a through 1.6.
4.3
CVE-2025-31839 - WordPress Footer Contacts Bar Plugin <= 1.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in digireturn DN Footer Contacts allows Cross Site Request Forgery. This issue affects DN Footer Contacts: from n/a through 1.8.
6.5
CVE-2025-31838 - WordPress Eventbee RSVP Widget plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eventbee Eventbee RSVP Widget allows DOM-Based XSS. This issue affects Eventbee RSVP Widget: from n/a through 1.0.
5.9
CVE-2025-31837 - WordPress WP Proposals plugin <= 2.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Codeus WP Proposals allows Stored XSS. This issue affects WP Proposals: from n/a through 2.3.
5.3
CVE-2025-31836 - WordPress Review Manager Plugin <= 2.2.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in matthewrubin Review Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Review Manager: from n/a through 2.2.0.
6.5
CVE-2025-31835 - WordPress WP Plugin Info Card plugin <= 5.2.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brice Capobianco WP Plugin Info Card allows DOM-Based XSS. This issue affects WP Plugin Info Card: from n/a through 5.2.5.
5.3
CVE-2025-31834 - WordPress JobBoard Job listing plugin Plugin <= 1.2.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in themeglow JobBoard Job listing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JobBoard Job listing: from n/a through 1.2.7.
4.9
CVE-2025-31833 - WordPress JobBoard Job listing plugin Plugin <= 1.2.7 - Insecure Direct Object References (IDOR) vuβ¦
Authorization Bypass Through User-Controlled Key vulnerability in themeglow JobBoard Job listing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JobBoard Job listing: from n/a through 1.2.7.