0.0
CVE-2025-31781 - WordPress Gift Cards for WooCommerce plugin <= 1.5.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in ahmadshyk Gift Cards for WooCommerce woo-giftcards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gift Cards for WooCommerce: from n/a through <= 1.5.8.
0.0
CVE-2025-31780 - WordPress Append Content plugin <= 2.1.1 - CSRF to Settings Change vulnerability
Missing Authorization vulnerability in Andy Stratton Append Content append-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Append Content: from n/a through <= 2.1.1.
0.0
CVE-2025-31779 - WordPress Query Wrangler plugin <= 1.5.54 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Jonathan Daggerhart Query Wrangler query-wrangler allows Cross Site Request Forgery.This issue affects Query Wrangler: from n/a through <= 1.5.54.
0.0
CVE-2025-31778 - WordPress Donate Me Plugin <= 1.2.5 - Stored Cross-Site Scripting vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in raphaelheide Donate Me donate-me allows Reflected XSS.This issue affects Donate Me: from n/a through <= 1.2.5.
0.0
CVE-2025-31777 - WordPress Clockinator Lite plugin <= 1.0.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in BeastThemes Clockinator Lite clockify-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clockinator Lite: from n/a through <= 1.0.9.
0.0
CVE-2025-31776 - WordPress Uptime Robot Plugin <= 2.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Aphotrax Uptime Robot Plugin for WordPress uptime-robot-monitor allows Cross Site Request Forgery.This issue affects Uptime Robot Plugin for WordPress: from n/a through <= 2.3.
0.0
CVE-2025-31775 - WordPress Google SEO Pressor for Rich snippets Plugin <= 2.0 - Cross Site Request Forgery (CSRF) vuβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Smackcoders Inc., Google SEO Pressor Snippet google-seo-author-snippets allows Cross Site Request Forgery.This issue affects Google SEO Pressor Snippet: from n/a through <= 2.0.
0.0
CVE-2025-31774 - WordPress plugin Astra Security Suite plugin<= 0.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in WebProtect.ai Astra Security Suite getastra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Astra Security Suite: from n/a through <= 0.2.
0.0
CVE-2025-31773 - WordPress Ship Per Product plugin <= 2.1.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in cedcommerce Ship Per Product ship-per-product allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Ship Per Product: from n/a through <= 2.1.0.
0.0
CVE-2025-31772 - WordPress WP Modal Popup with Cookie Integration plugin <= 2.4 - Cross Site Scripting (XSS) vulneraβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Astoundify WP Modal Popup with Cookie Integration wp-modal-popup-with-cookie-integration allows Stored XSS.This issue affects WP Modal Popup with Cookie Integration: from n/a through <= 2.4.