4.3
CVE-2025-31880 - WordPress Pearl plugin <= 1.3.9 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Stylemix Pearl pearl-header-builder allows Cross Site Request Forgery.This issue affects Pearl: from n/a through <= 1.3.9.
5.4
CVE-2025-31879 - WordPress Barcode Generator for WooCommerce plugin <= 2.0.4 - Settings Change vulnerability
Missing Authorization vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Generator for WooCommerce embedding-barcodes-into-product-pages-and-orders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Barcode Generator for WooCommerce: from n/a through โฆ
5.4
CVE-2025-31878 - WordPress UPC/EAN/GTIN Code Generator plugin <= 2.0.2 - Settings Change vulnerability
Missing Authorization vulnerability in Dmitry V. (CEO of "UKR Solution") UPC/EAN/GTIN Code Generator upc-ean-barcode-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UPC/EAN/GTIN Code Generator: from n/a through <= 2.0.2.
4.3
CVE-2025-31877 - WordPress RestroPress plugin <= 3.2.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in Magnigenie RestroPress restropress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RestroPress: from n/a through <= 3.2.8.
6.5
CVE-2025-31875 - WordPress FancyPost plugin <= 6.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluginic FancyPost post-block allows DOM-Based XSS.This issue affects FancyPost: from n/a through <= 6.0.1.
6.5
CVE-2025-31874 - WordPress WebberZone Snippetz plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ajay WebberZone Snippetz add-to-all allows Stored XSS.This issue affects WebberZone Snippetz: from n/a through <= 2.1.1.
6.5
CVE-2025-31873 - WordPress SheetDB plugin <= 1.3.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sheetdb SheetDB sheetdb allows Stored XSS.This issue affects SheetDB: from n/a through <= 1.3.4.
5.3
CVE-2025-31872 - WordPress WP Clone any post type Plugin <= 3.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Galaxy Weblinks WP Clone any post type wp-clone-any-post-type allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Clone any post type: from n/a through <= 3.6.
4.7
CVE-2025-31871 - WordPress WP Clone any post type Plugin <= 3.6 - Open Redirect vulnerability
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Galaxy Weblinks WP Clone any post type wp-clone-any-post-type allows Phishing.This issue affects WP Clone any post type: from n/a through <= 3.6.
5.4
CVE-2025-31870 - WordPress WP AutoKeyword plugin <= 1.0 - Arbitrary Content Deletion vulnerability
Missing Authorization vulnerability in EXEIdeas International WP AutoKeyword wp-autokeyword allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP AutoKeyword: from n/a through <= 1.0.