CyberAlerts

CVE-2025-31768

WordPress Widget Manager Light plugin <= 1.18 - Broken Access Control vulnerability

Description: Missing Authorization vulnerability in OTWthemes Widget Manager Light allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Widget Manager Light: from n/a through 1.18.

CVSS: MEDIUM (6.5)

EPSS Score: 0.05%

Source: CVE

April 3rd, 2025 (18 days ago)

CVE-2025-31758

WordPress Free Woocommerce Product Table View plugin <= 1.78 - Arbitrary Content Deletion vulnerability

Description: Missing Authorization vulnerability in BinaryCarpenter Free Woocommerce Product Table View allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Free Woocommerce Product Table View: from n/a through 1.78.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE

April 3rd, 2025 (18 days ago)

CVE-2025-31746

WordPress Clients plugin <= 1.1.4 - Broken Access Control vulnerability

Description: Missing Authorization vulnerability in Think201 Clients allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Clients: from n/a through 1.1.4.

CVSS: MEDIUM (6.4)

EPSS Score: 0.04%

Source: CVE

April 3rd, 2025 (18 days ago)

CVE-2025-31739

WordPress Minimalistic Event Manager plugin <= 1.1.1 - Broken Access Control vulnerability

Description: Missing Authorization vulnerability in Manuel Schmalstieg Minimalistic Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Minimalistic Event Manager: from n/a through 1.1.1.

CVSS: MEDIUM (6.4)

EPSS Score: 0.04%

Source: CVE

April 3rd, 2025 (18 days ago)

CVE-2025-31736

WordPress Rich Text Editor Plugin <= 1.0.1 - Broken Access Control vulnerability

Description: Missing Authorization vulnerability in richtexteditor Rich Text Editor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Rich Text Editor: from n/a through 1.0.1.

CVSS: MEDIUM (6.5)

EPSS Score: 0.05%

Source: CVE

April 3rd, 2025 (18 days ago)

CVE-2025-31729

WordPress WooTumblog plugin <= 2.1.4 - Content Injection vulnerability

Description: Missing Authorization vulnerability in jeffikus WooTumblog allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooTumblog: from n/a through 2.1.4.

CVSS: MEDIUM (6.5)

EPSS Score: 0.05%

Source: CVE

April 3rd, 2025 (18 days ago)

CVE-2025-31622

WordPress Advanced Typekit plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Utkarsh Kukreti Advanced Typekit allows Stored XSS. This issue affects Advanced Typekit: from n/a through 1.0.1.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE

April 3rd, 2025 (18 days ago)

CVE-2025-31581

WordPress WP Video Playlist plugin <= 1.1.2 - Settings Change vulnerability

Description: Missing Authorization vulnerability in Sandeep Kumar WP Video Playlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Video Playlist: from n/a through 1.1.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE

April 3rd, 2025 (18 days ago)

CVE-2025-31558

WordPress TailPress plugin <= 0.4.4 - Sensitive Data Exposure vulnerability

Description: Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Greg TailPress allows Retrieve Embedded Sensitive Data. This issue affects TailPress: from n/a through 0.4.4.

CVSS: MEDIUM (5.8)

EPSS Score: 0.04%

Source: CVE

April 3rd, 2025 (18 days ago)

CVE-2025-31554

WordPress Docxpresso plugin <= 2.6 - Arbitrary File Download vulnerability

Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in docxpresso Docxpresso allows Absolute Path Traversal. This issue affects Docxpresso: from n/a through 2.6.

CVSS: MEDIUM (5.9)

EPSS Score: 0.06%

Source: CVE

April 3rd, 2025 (18 days ago)

Threat and Vulnerability Intelligence Database

Example Searches: