0.0
CVE-2025-31466 - WordPress Duplicate Page and Post plugin <= 1.0 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Falcon Solutions Duplicate Page and Post duplicate-post-and-page allows Blind SQL Injection.This issue affects Duplicate Page and Post: from n/a through <= 1.0.
0.0
CVE-2025-31469 - WordPress Clear Sucuri Cache plugin <= 1.4 - Broken Access Control Vulnerability
Missing Authorization vulnerability in webrangers Clear Sucuri Cache clear-sucuri-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clear Sucuri Cache: from n/a through <= 1.4.
0.0
CVE-2025-31470 - WordPress Page Takeover plugin <= 1.1.6 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FancyThemes Page Takeover page-takeover allows Stored XSS.This issue affects Page Takeover: from n/a through <= 1.1.6.
0.0
CVE-2025-31471 - WordPress Duplicate Page and Post plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Falcon Solutions Duplicate Page and Post duplicate-post-and-page allows Stored XSS.This issue affects Duplicate Page and Post: from n/a through <= 1.0.
0.0
CVE-2025-31472 - WordPress Flatty plugin <= 2.0.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michele Marri Flatty flatty-flat-admin-theme allows Stored XSS.This issue affects Flatty: from n/a through <= 2.0.0.
0.0
CVE-2025-31473 - WordPress WP Database Optimizer plugin <= 1.2.1.3 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in matthewprice1178 WP Database Optimizer wp-database-optimizer allows Stored XSS.This issue affects WP Database Optimizer: from n/a through <= 1.2.1.3.
0.0
CVE-2025-31474 - WordPress WP Database Optimizer plugin <= 1.2.1.3 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in matthewprice1178 WP Database Optimizer wp-database-optimizer allows Cross Site Request Forgery.This issue affects WP Database Optimizer: from n/a through <= 1.2.1.3.
8.8
CVE-2025-2815 - Administrator Z <= 2025.03.24 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Optiβ¦
The Administrator Z plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the adminz_import_backup() function in all versions up to, and including, 2025.03.24. This makes it possible for authenticated attacβ¦
4.8
CVE-2025-2870 - Reflected Cross-Site Scripting (XSS) vulnerability in Clinic Queuing System
Reflected Cross-Site Scripting (XSS) vulnerability in version 1.0 of the Clinic Queuing System. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through theΒ page parameter in /patient_side.php.
4.8
CVE-2025-2869 - Reflected Cross-Site Scripting (XSS) vulnerability in Clinic Queuing System
Reflected Cross-Site Scripting (XSS) vulnerability in version 1.0 of the Clinic Queuing System. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through theΒ id parameter in /manage_user.php.