4.3
CVE-2025-31809 - WordPress Labinator Content Types Duplicator Plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) vuβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Labinator Labinator Content Types Duplicator allows Cross Site Request Forgery. This issue affects Labinator Content Types Duplicator: from n/a through 1.1.3.
4.3
CVE-2025-31808 - WordPress SCSS WP Editor Plugin <= 1.1.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in IT Path Solutions SCSS WP Editor allows Cross Site Request Forgery. This issue affects SCSS WP Editor: from n/a through 1.1.8.
4.3
CVE-2025-31807 - WordPress Product Notices for WooCommerce plugin <= 1.3.3 - Cross Site Request Forgery (CSRF) vulneβ¦
Cross-Site Request Forgery (CSRF) vulnerability in CloudRedux Product Notices for WooCommerce allows Cross Site Request Forgery. This issue affects Product Notices for WooCommerce: from n/a through 1.3.3.
5.9
CVE-2025-31806 - WordPress Webling Plugin <= 3.9.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uSystems Webling allows Stored XSS. This issue affects Webling: from n/a through 3.9.0.
6.5
CVE-2025-31805 - WordPress Gutena Kit plugin <= 2.0.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExpressTech Systems Gutena Kit β Gutenberg Blocks and Templates allows Stored XSS. This issue affects Gutena Kit β Gutenberg Blocks and Templates: from n/a through 2.0.7.
6.5
CVE-2025-31804 - WordPress Follow Us Badges plugin <= 3.1.11 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DraftPress Team Follow Us Badges allows Stored XSS. This issue affects Follow Us Badges: from n/a through 3.1.11.
6.5
CVE-2025-31803 - WordPress Turisbook Booking System plugin <= 1.3.7 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Neteuro Turisbook Booking System allows Stored XSS. This issue affects Turisbook Booking System: from n/a through 1.3.7.
5.4
CVE-2025-31802 - WordPress Shiptimize for WooCommerce plugin <= 3.1.86 - Settings Change vulnerability
Missing Authorization vulnerability in Shiptimize Shiptimize for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shiptimize for WooCommerce: from n/a through 3.1.86.
6.5
CVE-2025-31801 - WordPress MX Time Zone Clocks plugin <= 5.1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maksym Marko MX Time Zone Clocks allows Reflected XSS. This issue affects MX Time Zone Clocks: from n/a through 5.1.1.
4.3
CVE-2025-31799 - WordPress Publitio plugin <= 2.1.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in publitio Publitio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Publitio: from n/a through 2.1.8.