6.5
CVE-2025-31770 - WordPress Content Manager Light plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Content Manager Light content-manager-light allows Stored XSS.This issue affects Content Manager Light: from n/a through <= 3.2.
4.3
CVE-2025-31769 - WordPress CLP β Custom Login Page by NiteoThemes plugin <= 1.5.5 - Cross Site Request Forgery (CSRFβ¦
Cross-Site Request Forgery (CSRF) vulnerability in NiteoThemes CLP β Custom Login Page by NiteoThemes clp-custom-login-page allows Cross Site Request Forgery.This issue affects CLP β Custom Login Page by NiteoThemes: from n/a through <= 1.5.5.
6.5
CVE-2025-31767 - WordPress Post Custom Templates Lite plugin <= 1.14 - Stored Cross Site Scripting (XSS) vulnerabiliβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Post Custom Templates Lite post-custom-templates-lite allows Stored XSS.This issue affects Post Custom Templates Lite: from n/a through <= 1.14.
6.5
CVE-2025-31766 - WordPress PhotoShelter for Photographers Blog Feed plugin <= 1.5.7 - Cross Site Scripting (XSS) vulβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PhotoShelter PhotoShelter for Photographers Blog Feed Plugin photoshelter-official-plugin allows Stored XSS.This issue affects PhotoShelter for Photographers Blog Feed Plugin: from n/a through <= 1β¦
5.3
CVE-2025-31765 - WordPress GDPR Cookie Notice plugin <= 1.2.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in themeqx GDPR Cookie Notice gdpr-cookie-notice allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GDPR Cookie Notice: from n/a through <= 1.2.0.
5.9
CVE-2025-31764 - WordPress Cache control by Cacholong plugin <= 5.4.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Preliot Cache control by Cacholong cache-control-by-cacholong allows Stored XSS.This issue affects Cache control by Cacholong: from n/a through <= 5.4.1.
4.3
CVE-2025-31763 - WordPress Cache control by Cacholong Plugin <= 5.4.1 - Cross Site Request Forgery (CSRF) vulnerabilβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Preliot Cache control by Cacholong cache-control-by-cacholong allows Cross Site Request Forgery.This issue affects Cache control by Cacholong: from n/a through <= 5.4.1.
6.5
CVE-2025-31762 - WordPress Sheet2Site plugin <= 1.0.18 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andreyazimov Sheet2Site sheet2site allows Stored XSS.This issue affects Sheet2Site: from n/a through <= 1.0.18.
6.5
CVE-2025-31761 - WordPress Hypotext plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DEJAN Hypotext hypotext allows Stored XSS.This issue affects Hypotext: from n/a through <= 1.0.1.
6.5
CVE-2025-31760 - WordPress SnapWidget Social Photo Feed Widget plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerabβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in snapwidget SnapWidget Social Photo Feed Widget snapwidget-wp-instagram-widget allows DOM-Based XSS.This issue affects SnapWidget Social Photo Feed Widget: from n/a through <= 1.1.0.