4.3
CVE-2025-31814 - WordPress OwnerRez Plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in OwnerRez OwnerRez API ownerrez allows Cross Site Request Forgery.This issue affects OwnerRez API: from n/a through <= 1.2.0.
6.5
CVE-2025-31813 - WordPress WPSHARE247 Elementor Addons plugin <= 2.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Website366.com WPSHARE247 Elementor Addons wpshare247-elementor-addons allows Stored XSS.This issue affects WPSHARE247 Elementor Addons: from n/a through <= 2.5.
6.5
CVE-2025-31812 - WordPress BuddyPress Members Only plugin <= 3.5.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tomas BuddyPress Members Only buddypress-members-only allows Stored XSS.This issue affects BuddyPress Members Only: from n/a through <= 3.5.3.
6.5
CVE-2025-31811 - WordPress Planyo online reservation system plugin <= 3.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in xtreeme Planyo online reservation system planyo-online-reservation-system allows Stored XSS.This issue affects Planyo online reservation system: from n/a through <= 3.1.
5.3
CVE-2025-31810 - WordPress Question Answer plugin <= 1.2.73 - Broken Access Control vulnerability
Missing Authorization vulnerability in PickPlugins Question Answer question-answer allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Question Answer: from n/a through <= 1.2.73.
4.3
CVE-2025-31809 - WordPress Labinator Content Types Duplicator Plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) vuβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Labinator Labinator Content Types Duplicator labinator-content-types-duplicator allows Cross Site Request Forgery.This issue affects Labinator Content Types Duplicator: from n/a through <= 1.1.3.
4.3
CVE-2025-31808 - WordPress SCSS WP Editor plugin <= 1.2.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in IT Path Solutions SCSS WP Editor scss-wp-editor allows Cross Site Request Forgery.This issue affects SCSS WP Editor: from n/a through <= 1.2.1.
4.3
CVE-2025-31807 - WordPress Product Notices for WooCommerce plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) vulneβ¦
Cross-Site Request Forgery (CSRF) vulnerability in CloudRedux Product Notices for WooCommerce product-notices-for-woocommerce allows Cross Site Request Forgery.This issue affects Product Notices for WooCommerce: from n/a through <= 1.3.4.
5.9
CVE-2025-31806 - WordPress Webling plugin <= 3.9.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uSystems Webling webling allows Stored XSS.This issue affects Webling: from n/a through <= 3.9.0.
6.5
CVE-2025-31805 - WordPress Gutena Kit plugin <= 2.0.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal Gutena Kit β Gutenberg Blocks and Templates gutena-kit allows Stored XSS.This issue affects Gutena Kit β Gutenberg Blocks and Templates: from n/a through <= 2.0.7.