4.3
CVE-2025-32231 - WordPress Bookingor plugin <= 2.0.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Bookingor Bookingor bookingor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bookingor: from n/a through <= 2.0.1.
4.3
CVE-2025-32229 - WordPress Variable Inspector plugin <= 2.6.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Bowo Variable Inspector variable-inspector allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Variable Inspector: from n/a through <= 2.6.3.
4.3
CVE-2025-32226 - WordPress Display product variations dropdown on shop page plugin <= 1.1.3 - Broken Access Control โฆ
Missing Authorization vulnerability in Anzar Ahmed Display product variations dropdown on shop page display-product-variations-dropdown-on-shop-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Display product variations dropdown on shop page: from n/a โฆ
5.3
CVE-2025-32225 - WordPress WP Event Manager plugin <= 3.2.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Event Manager WP Event Manager wp-event-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Event Manager: from n/a through <= 3.2.0.
5.4
CVE-2025-32220 - WordPress Salon booking system plugin <= 10.30.26 - Broken Access Control vulnerability
Missing Authorization vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salon booking system: from n/a through <= 10.30.26.
5.4
CVE-2025-32219 - WordPress eaSYNC plugin <= 1.3.19 - Broken Access Control vulnerability
Missing Authorization vulnerability in Syntactics, Inc. eaSYNC easync-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects eaSYNC: from n/a through <= 1.3.19.
5.4
CVE-2025-32218 - WordPress TableOn plugin <= 1.0.5.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in RealMag777 TableOn posts-table-filterable allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TableOn: from n/a through <= 1.0.5.1.
5.4
CVE-2025-32217 - WordPress Ai Image Alt Text Generator for WP plugin <= 1.1.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Generator for WP ai-image-alt-text-generator-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ai Image Alt Text Generator for WP: from n/a through <= 1.1.1.
6.5
CVE-2025-32207 - WordPress Ni WooCommerce Cost Of Goods plugin <= 3.2.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anzar Ahmed Ni WooCommerce Cost Of Goods ni-woocommerce-cost-of-goods allows Stored XSS.This issue affects Ni WooCommerce Cost Of Goods: from n/a through <= 3.2.8.
7.6
CVE-2025-32204 - WordPress Split Test For Elementor Plugin <= 1.8.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in rocketelements Split Test For Elementor split-test-for-elementor allows SQL Injection.This issue affects Split Test For Elementor: from n/a through <= 1.8.3.