0.0
CVE-2025-31746 - WordPress Clients plugin <= 1.1.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Think201 Clients clients allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clients: from n/a through <= 1.1.4.
0.0
CVE-2025-31739 - WordPress Minimalistic Event Manager plugin <= 1.1.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Manuel Schmalstieg Minimalistic Event Manager minimalistic-event-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Minimalistic Event Manager: from n/a through <= 1.1.1.
0.0
CVE-2025-31736 - WordPress Rich Text Editor Plugin <= 1.0.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in richtexteditor Rich Text Editor richtexteditor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rich Text Editor: from n/a through <= 1.0.1.
0.0
CVE-2025-31729 - WordPress WooTumblog plugin <= 2.1.4 - Content Injection vulnerability
Missing Authorization vulnerability in jeffikus WooTumblog woo-tumblog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooTumblog: from n/a through <= 2.1.4.
0.0
CVE-2025-31626 - WordPress Support Helpdesk Ticket System Lite plugin <= 4.5.2 - Reflected Cross Site Scripting (XSSโฆ
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in M. Ali Saleem Support Helpdesk Ticket System Lite ticket-help-desk-system-lite allows Reflected XSS.This issue affects Support Helpdesk Ticket System Lite: from n/a through <= 4.5.2.
0.0
CVE-2025-31622 - WordPress Advanced Typekit plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Utkarsh Kukreti Advanced Typekit advanced-typekit allows Stored XSS.This issue affects Advanced Typekit: from n/a through <= 1.0.1.
0.0
CVE-2025-31582 - WordPress Contact Form vCard Generator plugin <= 2.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashish Ajani Contact Form vCard Generator contact-form-vcard-generator allows Stored XSS.This issue affects Contact Form vCard Generator: from n/a through <= 2.4.
0.0
CVE-2025-31581 - WordPress WP Video Playlist plugin <= 1.1.2 - Settings Change vulnerability
Missing Authorization vulnerability in Sandeep Kumar WP Video Playlist wp-video-playlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Video Playlist: from n/a through <= 1.1.2.
0.0
CVE-2025-31573 - WordPress PeproDev CF7 Database plugin <= 2.0.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pepro Dev. Group PeproDev CF7 Database pepro-cf7-database allows Stored XSS.This issue affects PeproDev CF7 Database: from n/a through <= 2.0.0.
0.0
CVE-2025-31558 - WordPress TailPress plugin <= 0.4.4 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Greg TailPress tailpress allows Retrieve Embedded Sensitive Data.This issue affects TailPress: from n/a through <= 0.4.4.