4.3
CVE-2025-30862 - WordPress reCAPTCHA for all plugin <= 2.22 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in sminozzi reCAPTCHA for all recaptcha-for-all allows Cross Site Request Forgery.This issue affects reCAPTCHA for all: from n/a through <= 2.22.
4.9
CVE-2025-30861 - WordPress Five Star Restaurant Reservations plugin <= 2.6.29 - Broken Access Control vulnerability
Missing Authorization vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through <= 2.6.29.
6.5
CVE-2025-30860 - WordPress Off-Canvas Sidebars & Menus (Slidebars) plugin <= 0.5.8.2 - Cross Site Scripting (XSS) Vuβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus (Slidebars) off-canvas-sidebars allows DOM-Based XSS.This issue affects Off-Canvas Sidebars & Menus (Slidebars): from n/a through <= 0.5.8.2.
4.7
CVE-2025-30859 - WordPress AliNext plugin <= 3.5.1 - Open Redirection vulnerability
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in guru-aliexpress AliNext ali2woo-lite allows Phishing.This issue affects AliNext: from n/a through <= 3.5.1.
7.1
CVE-2025-30857 - WordPress Currency Switcher for WooCommerce plugin <= 0.0.7 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in PressMaximum Currency Switcher for WooCommerce currency-switcher-for-woocommerce allows Stored XSS.This issue affects Currency Switcher for WooCommerce: from n/a through <= 0.0.7.
4.3
CVE-2025-30856 - WordPress Custom Field For WP Job Manager plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulneraβ¦
Cross-Site Request Forgery (CSRF) vulnerability in theme funda Custom Field For WP Job Manager custom-field-for-wp-job-manager allows Cross Site Request Forgery.This issue affects Custom Field For WP Job Manager: from n/a through <= 1.4.
4.3
CVE-2025-30854 - WordPress Serial Codes Generator and Validator with WooCommerce Support plugin <= 2.7.7 - Cross Sitβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Vollstart Serial Codes Generator and Validator with WooCommerce Support serial-codes-generator-and-validator allows Cross Site Request Forgery.This issue affects Serial Codes Generator and Validator with WooCommerce Support: from n/a through <= 2.7β¦
4.3
CVE-2025-30851 - WordPress Tickera plugin <= 3.5.5.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Tickera Tickera tickera-event-ticketing-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tickera: from n/a through <= 3.5.5.2.
6.5
CVE-2025-30850 - WordPress Dr. Flex plugin <= 2.0.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sfaerber Dr. Flex dr-flex allows Stored XSS.This issue affects Dr. Flex: from n/a through <= 2.0.0.
5.9
CVE-2025-30847 - WordPress Novelist plugin <= 1.2.3 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashley Novelist novelist allows Stored XSS.This issue affects Novelist: from n/a through <= 1.2.3.