0.0

CVE-2025-31474 - WordPress WP Database Optimizer plugin <= 1.2.1.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in matthewprice1178 WP Database Optimizer wp-database-optimizer allows Cross Site Request Forgery.This issue affects WP Database Optimizer: from n/a through <= 1.2.1.3.

📅 Published: March 28, 2025, 11:54 a.m. 🔄 Last Modified: April 1, 2026, 5:21 p.m.

8.8

CVSS3.1

CVE-2025-2815 - Administrator Z <= 2025.03.24 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Opti…

The Administrator Z plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the adminz_import_backup() function in all versions up to, and including, 2025.03.24. This makes it possible for authenticated attac…

📅 Published: March 28, 2025, 11:13 a.m. 🔄 Last Modified: April 8, 2026, 4:45 p.m.

4.8

CVSS4.0

CVE-2025-2870 - Reflected Cross-Site Scripting (XSS) vulnerability in Clinic Queuing System

Reflected Cross-Site Scripting (XSS) vulnerability in version 1.0 of the Clinic Queuing System. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the page parameter in /patient_side.php.

📅 Published: March 28, 2025, 10:49 a.m. 🔄 Last Modified: Oct. 15, 2025, 4:53 p.m.

4.8

CVSS4.0

CVE-2025-2869 - Reflected Cross-Site Scripting (XSS) vulnerability in Clinic Queuing System

Reflected Cross-Site Scripting (XSS) vulnerability in version 1.0 of the Clinic Queuing System. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the id parameter in /manage_user.php.

📅 Published: March 28, 2025, 10:49 a.m. 🔄 Last Modified: Oct. 15, 2025, 4:54 p.m.

0.0