8.5
CVE-2025-31547 - WordPress Uptime Robot Plugin for WordPress plugin <= 2.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aphotrax Uptime Robot Plugin for WordPress uptime-robot-monitor allows SQL Injection.This issue affects Uptime Robot Plugin for WordPress: from n/a through <= 2.3.
4.3
CVE-2025-31546 - WordPress Swiss Toolkit For WP plugin <= 1.4.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Messiah Swiss Toolkit For WP swiss-toolkit-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Swiss Toolkit For WP: from n/a through <= 1.4.0.
5.4
CVE-2025-31545 - WordPress Safe Ai Malware Protection for WP plugin <= 1.0.20 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Messiah Safe Ai Malware Protection for WP safe-ai-malware-protection-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Safe Ai Malware Protection for WP: from n/a through <= 1.0.20.
4.3
CVE-2025-31544 - WordPress Swiss Toolkit For WP plugin <= 1.4.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Messiah Swiss Toolkit For WP swiss-toolkit-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Swiss Toolkit For WP: from n/a through <= 1.4.5.
6.5
CVE-2025-31543 - WordPress Twice Commerce plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Twice Commerce Twice Commerce embed-rentle allows DOM-Based XSS.This issue affects Twice Commerce: from n/a through <= 1.3.1.
8.5
CVE-2025-31542 - WordPress My auctions allegro plugin <= 3.6.20 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Blind SQL Injection.This issue affects My auctions allegro: from n/a through <= 3.6.20.
4.3
CVE-2025-31540 - WordPress ACME Divi Modules plugin <= 1.3.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in acmemediakits ACME Divi Modules acme-divi-modules allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ACME Divi Modules: from n/a through <= 1.3.5.
6.5
CVE-2025-31539 - WordPress Cryptocurrency Widgets Pack plugin <= 2.0.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Blocksera Cryptocurrency Widgets Pack cryptocurrency-widgets-pack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Widgets Pack: from n/a through <= 2.0.1.
6.5
CVE-2025-31538 - WordPress Checklist plugin <= 1.1.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in checklistcom Checklist checklist allows Stored XSS.This issue affects Checklist: from n/a through <= 1.1.9.
6.5
CVE-2025-31535 - WordPress Simple Owl Carousel plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PressTigers Simple Owl Carousel simple-owl-carousel allows DOM-Based XSS.This issue affects Simple Owl Carousel: from n/a through <= 1.1.1.