Total
7609 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-39381 | 2025-04-29 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Kiotviet KiotViet Sync allows Stored XSS. This issue affects KiotViet Sync: from n/a through 1.8.4. | ||||
| CVE-2025-46442 | 2025-04-29 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Casey Johnson Loan Calculator allows Stored XSS. This issue affects Loan Calculator: from n/a through 1.3. | ||||
| CVE-2025-46452 | 2025-04-29 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Olav Kolbu Google News allows Stored XSS. This issue affects Google News: from n/a through 2.5.1. | ||||
| CVE-2025-46462 | 2025-04-29 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Trân Minh-Quân WPVN allows Cross Site Request Forgery. This issue affects WPVN: from n/a through 0.7.8. | ||||
| CVE-2025-46466 | 2025-04-29 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in felixtz Modern Polls allows Stored XSS. This issue affects Modern Polls: from n/a through 1.0.10. | ||||
| CVE-2025-46492 | 2025-04-29 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Pham Thanh Call Now PHT Blog allows Stored XSS. This issue affects Call Now PHT Blog: from n/a through 2.4.1. | ||||
| CVE-2025-46522 | 2025-04-29 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Billy Bryant Tabs allows Stored XSS. This issue affects Tabs: from n/a through 4.0.3. | ||||
| CVE-2025-3638 | 2025-04-29 | 8.8 High | ||
| A flaw was found in Moodle. The analysis request action in the Brickfield tool did not include the necessary token to prevent a Cross-site request forgery (CSRF) risk. | ||||
| CVE-2025-3635 | 2025-04-29 | 3.5 Low | ||
| A security vulnerability was discovered in Moodle that allows anyone to duplicate existing tours without needing to log in due to a lack of protection against cross-site request forgery (CSRF) attacks. | ||||
| CVE-2025-46506 | 2025-04-29 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Lora77 WpZon – Amazon Affiliate Plugin allows Reflected XSS. This issue affects WpZon – Amazon Affiliate Plugin: from n/a through 1.3. | ||||
| CVE-2025-46498 | 2025-04-29 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in nghialuu Zalo Official Live Chat allows Cross Site Request Forgery. This issue affects Zalo Official Live Chat: from n/a through 1.0.0. | ||||
| CVE-2025-46507 | 2025-04-29 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ldrumm Unsafe Mimetypes allows Stored XSS. This issue affects Unsafe Mimetypes: from n/a through 0.1.4. | ||||
| CVE-2025-46516 | 2025-04-29 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in silencecm Twitter Card Generator allows Stored XSS. This issue affects Twitter Card Generator: from n/a through 1.0.5. | ||||
| CVE-2025-46465 | 2025-04-29 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in John Weissberg Print Science Designer allows Stored XSS. This issue affects Print Science Designer: from n/a through 1.3.155. | ||||
| CVE-2025-46513 | 2025-04-29 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Codebangers All in One Time Clock Lite allows Cross Site Request Forgery. This issue affects All in One Time Clock Lite: from n/a through 1.3.324. | ||||
| CVE-2025-46435 | 2025-04-29 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Yash Binani Time Based Greeting allows Stored XSS. This issue affects Time Based Greeting: from n/a through 2.2.2. | ||||
| CVE-2025-46436 | 2025-04-29 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Sebastian Echeverry SCSS-Library allows Cross Site Request Forgery. This issue affects SCSS-Library: from n/a through 0.4.1. | ||||
| CVE-2025-46439 | 2025-04-29 | 7.4 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Vladimir Prelovac Plugin Central allows Path Traversal. This issue affects Plugin Central: from n/a through 2.5.1. | ||||
| CVE-2025-46520 | 2025-04-29 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in alphasis Related Posts via Taxonomies allows Stored XSS. This issue affects Related Posts via Taxonomies: from n/a through 1.0.1. | ||||
| CVE-2025-46524 | 2025-04-29 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in stesvis WP Filter Post Category allows Stored XSS. This issue affects WP Filter Post Category: from n/a through 2.1.4. | ||||