0.0
CVE-2025-31901 - WordPress Digihood HTML Sitemap Plugin <= 3.1.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Digihood Digihood HTML Sitemap wedesin-html-sitemap allows Reflected XSS.This issue affects Digihood HTML Sitemap: from n/a through <= 3.1.1.
0.0
CVE-2025-31900 - WordPress Lexicata plugin <= 1.0.16 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lexicata Lexicata lexicata allows Reflected XSS.This issue affects Lexicata: from n/a through <= 1.0.16.
0.0
CVE-2025-31899 - WordPress Awesome Logos plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpshopee Awesome Logos awesome-logos allows Reflected XSS.This issue affects Awesome Logos: from n/a through <= 1.2.
0.0
CVE-2025-31898 - WordPress MediaView plugin <= 1.1.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dustinscarberry MediaView mediaview allows Reflected XSS.This issue affects MediaView: from n/a through <= 1.1.2.
0.0
CVE-2025-31896 - WordPress GetBookingsWP Plugin <= 1.1.27 - Broken Access Control vulnerability
Missing Authorization vulnerability in istmoplugins GetBookingsWP get-bookings-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetBookingsWP: from n/a through <= 1.1.27.
0.0
CVE-2025-31893 - WordPress Botnet Attack Blocker plugin <= 2.0.0 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cheesefather Botnet Attack Blocker botnet-attack-blocker allows Stored XSS.This issue affects Botnet Attack Blocker: from n/a through <= 2.0.0.
0.0
CVE-2025-31876 - WordPress Payday plugin <= 3.3.18 - Broken Access Control vulnerability
Missing Authorization vulnerability in gunnarpayday Payday payday allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payday: from n/a through <= 3.3.18.
0.0
CVE-2025-31858 - WordPress Local Magic plugin <= 2.9.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in matthewrubin Local Magic local-magic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Local Magic: from n/a through <= 2.9.0.
0.0
CVE-2025-31841 - WordPress FPW Category Thumbnails Plugin <= 1.9.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Frank P. Walentynowicz FPW Category Thumbnails fpw-category-thumbnails allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FPW Category Thumbnails: from n/a through <= 1.9.5.
0.0
CVE-2025-31827 - WordPress Fonto plugin <= 1.2.2 - Arbitrary File Download vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vlad.olaru Fonto fonto allows Path Traversal.This issue affects Fonto: from n/a through <= 1.2.2.