Total
341739 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-31780 | 2026-04-01 | N/A | N/A | ||
| Missing Authorization vulnerability in Andy Stratton Append Content append-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Append Content: from n/a through <= 2.1.1. | |||||
| CVE-2025-31779 | 2026-04-01 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Jonathan Daggerhart Query Wrangler query-wrangler allows Cross Site Request Forgery.This issue affects Query Wrangler: from n/a through <= 1.5.54. | |||||
| CVE-2025-31778 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in raphaelheide Donate Me donate-me allows Reflected XSS.This issue affects Donate Me: from n/a through <= 1.2.5. | |||||
| CVE-2025-31777 | 2026-04-01 | N/A | N/A | ||
| Missing Authorization vulnerability in BeastThemes Clockinator Lite clockify-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clockinator Lite: from n/a through <= 1.0.9. | |||||
| CVE-2025-31776 | 2026-04-01 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Aphotrax Uptime Robot Plugin for WordPress uptime-robot-monitor allows Cross Site Request Forgery.This issue affects Uptime Robot Plugin for WordPress: from n/a through <= 2.3. | |||||
| CVE-2025-31775 | 2026-04-01 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Smackcoders Inc., Google SEO Pressor Snippet google-seo-author-snippets allows Cross Site Request Forgery.This issue affects Google SEO Pressor Snippet: from n/a through <= 2.0. | |||||
| CVE-2025-31774 | 2026-04-01 | N/A | N/A | ||
| Missing Authorization vulnerability in WebProtect.ai Astra Security Suite getastra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Astra Security Suite: from n/a through <= 0.2. | |||||
| CVE-2025-31773 | 2026-04-01 | N/A | N/A | ||
| Missing Authorization vulnerability in cedcommerce Ship Per Product ship-per-product allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Ship Per Product: from n/a through <= 2.1.0. | |||||
| CVE-2025-31772 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Astoundify WP Modal Popup with Cookie Integration wp-modal-popup-with-cookie-integration allows Stored XSS.This issue affects WP Modal Popup with Cookie Integration: from n/a through <= 2.4. | |||||
| CVE-2025-31771 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sultan Nasir Uddin Team Members for Elementor Page Builder team-members-for-elementor allows Stored XSS.This issue affects Team Members for Elementor Page Builder: from n/a through <= 1.0.4. | |||||
| CVE-2025-31770 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Content Manager Light content-manager-light allows Stored XSS.This issue affects Content Manager Light: from n/a through <= 3.2. | |||||
| CVE-2025-31769 | 2026-04-01 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in NiteoThemes CLP – Custom Login Page by NiteoThemes clp-custom-login-page allows Cross Site Request Forgery.This issue affects CLP – Custom Login Page by NiteoThemes: from n/a through <= 1.5.5. | |||||
| CVE-2025-31768 | 2026-04-01 | N/A | N/A | ||
| Missing Authorization vulnerability in OTWthemes Widget Manager Light widget-manager-light allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Widget Manager Light: from n/a through <= 1.18. | |||||
| CVE-2025-31767 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Post Custom Templates Lite post-custom-templates-lite allows Stored XSS.This issue affects Post Custom Templates Lite: from n/a through <= 1.14. | |||||
| CVE-2025-31766 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PhotoShelter PhotoShelter for Photographers Blog Feed Plugin photoshelter-official-plugin allows Stored XSS.This issue affects PhotoShelter for Photographers Blog Feed Plugin: from n/a through <= 1.5.7. | |||||
| CVE-2025-31765 | 2026-04-01 | N/A | N/A | ||
| Missing Authorization vulnerability in themeqx GDPR Cookie Notice gdpr-cookie-notice allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GDPR Cookie Notice: from n/a through <= 1.2.0. | |||||
| CVE-2025-31764 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Preliot Cache control by Cacholong cache-control-by-cacholong allows Stored XSS.This issue affects Cache control by Cacholong: from n/a through <= 5.4.1. | |||||
| CVE-2025-31763 | 2026-04-01 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Preliot Cache control by Cacholong cache-control-by-cacholong allows Cross Site Request Forgery.This issue affects Cache control by Cacholong: from n/a through <= 5.4.1. | |||||
| CVE-2025-31762 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andreyazimov Sheet2Site sheet2site allows Stored XSS.This issue affects Sheet2Site: from n/a through <= 1.0.18. | |||||
| CVE-2025-31761 | 2026-04-01 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DEJAN Hypotext hypotext allows Stored XSS.This issue affects Hypotext: from n/a through <= 1.0.1. | |||||