CyberAlerts

CVE-2025-31386

WordPress Simple:Press plugin <= 6.10.11 - Broken Access Control vulnerability

Description: Missing Authorization vulnerability in Simplepress Simple:Press allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple:Press: from n/a through 6.10.11.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE

March 31st, 2025 (22 days ago)

CVE-2025-31376

WordPress NanoSupport plugin <= 0.6.0 - Broken Access Control vulnerability

Description: Missing Authorization vulnerability in Mayeenul Islam NanoSupport allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NanoSupport: from n/a through 0.6.0.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE

March 31st, 2025 (22 days ago)

CVE-2025-30961

WordPress Trackserver plugin <= 5.0.3 - Cross Site Scripting (XSS) vulnerability

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tinuzz Trackserver allows DOM-Based XSS.This issue affects Trackserver: from n/a through 5.0.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE

March 31st, 2025 (22 days ago)

CVE-2025-31410

WordPress WP Church Donation plugin <= 1.7 - Cross Site Request Forgery (CSRF) vulnerability

Description: Cross-Site Request Forgery (CSRF) vulnerability in Ashish Ajani WP Church Donation allows Cross Site Request Forgery.This issue affects WP Church Donation: from n/a through 1.7.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE

March 31st, 2025 (22 days ago)

CVE-2025-31406

WordPress ELEX WooCommerce Request a Quote plugin <= 2.3.3 - Broken Access Control vulnerability

Description: Subscriber Broken Access Control in ELEX WooCommerce Request a Quote <= 2.3.3 versions.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE

March 31st, 2025 (22 days ago)

CVE-2025-31417

WordPress WP Docs plugin < 2.2.7 - Broken Access Control vulnerability

Description: Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Docs: from n/a through n/a.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE

March 31st, 2025 (22 days ago)

CVE-2025-31414

WordPress Cost Calculator Builder plugin <= 3.2.65 - Cross Site Scripting (XSS) vulnerability

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stylemix Cost Calculator Builder allows Stored XSS. This issue affects Cost Calculator Builder: from n/a through 3.2.65.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE

March 31st, 2025 (22 days ago)

CVE-2025-31412

WordPress JetProductGallery plugin <= 2.1.22 - Cross Site Scripting (XSS) vulnerability

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound JetProductGallery allows DOM-Based XSS. This issue affects JetProductGallery: from n/a through 2.1.22.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE

March 31st, 2025 (22 days ago)

CVE-2025-31043

WordPress JetSearch plugin <= 3.5.7 - Cross Site Scripting (XSS) vulnerability

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound JetSearch allows DOM-Based XSS. This issue affects JetSearch: from n/a through 3.5.7.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE

March 31st, 2025 (22 days ago)

CVE-2025-30987

WordPress JetBlocks For Elementor plugin <= 1.3.16 - Cross Site Scripting (XSS) vulnerability

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound JetBlocks For Elementor allows Stored XSS. This issue affects JetBlocks For Elementor: from n/a through 1.3.16.

CVSS: MEDIUM (6.5)

EPSS Score: 0.03%

Source: CVE

March 31st, 2025 (22 days ago)

Threat and Vulnerability Intelligence Database

Example Searches: