Total
7916 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-10634 | 1 Nokautpl | 1 Nokaut Offers Box | 2025-06-09 | 4.3 Medium |
| The Nokaut Offers Box WordPress plugin through 1.4.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin reset the Nokaut Offers Box WordPress plugin through 1.4.0 via a CSRF attack | ||||
| CVE-2023-52122 | 1 Presstigers | 1 Simple Job Board | 2025-06-09 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple Job Board.This issue affects Simple Job Board: from n/a through 2.10.6. | ||||
| CVE-2025-47543 | 1 Themetechmount | 1 Truebooker | 2025-06-09 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in themetechmount TrueBooker allows Cross Site Request Forgery. This issue affects TrueBooker: from n/a through 1.0.7. | ||||
| CVE-2025-47542 | 1 Migaweb | 1 Simple Calendar For Elementor | 2025-06-09 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Michael Simple calendar for Elementor allows Cross Site Request Forgery. This issue affects Simple calendar for Elementor: from n/a through 1.6.5. | ||||
| CVE-2025-47517 | 1 Wpplugin | 1 Accept Donations With Paypal | 2025-06-09 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Accept Donations with PayPal allows Stored XSS. This issue affects Accept Donations with PayPal: from n/a through 1.4.5. | ||||
| CVE-2025-5521 | 1 5kcrm | 1 Wukongcrm | 2025-06-09 | 4.3 Medium |
| A vulnerability was found in WuKongOpenSource WukongCRM 9.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /system/user/updataPassword. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-39472 | 2025-06-09 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WPWeb WooCommerce Social Login allows Cross Site Request Forgery.This issue affects WooCommerce Social Login: from n/a before 2.8.3. | ||||
| CVE-2025-48146 | 1 Lupsonline | 1 Seo Flow | 2025-06-06 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Michael Lups SEO Flow by LupsOnline allows Stored XSS. This issue affects SEO Flow by LupsOnline: from n/a through 2.2.0. | ||||
| CVE-2025-49273 | 2025-06-06 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi WP Tools allows Cross Site Request Forgery. This issue affects WP Tools: from n/a through 5.24. | ||||
| CVE-2025-49283 | 2025-06-06 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Matthias Nordwig Anti-spam, Spam protection, ReCaptcha for all forms and GDPR-compliant allows Cross Site Request Forgery. This issue affects Anti-spam, Spam protection, ReCaptcha for all forms and GDPR-compliant: from n/a through 4.1.1. | ||||
| CVE-2025-49284 | 2025-06-06 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in wp-buy WP Maintenance Mode & Site Under Construction allows Cross Site Request Forgery. This issue affects WP Maintenance Mode & Site Under Construction: from n/a through 4.3. | ||||
| CVE-2025-49285 | 2025-06-06 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent allows Cross Site Request Forgery. This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through 3.8.0. | ||||
| CVE-2025-49286 | 2025-06-06 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WP Table Builder WP Table Builder allows Cross Site Request Forgery. This issue affects WP Table Builder: from n/a through 2.0.6. | ||||
| CVE-2025-49317 | 2025-06-06 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in NTC WP Page Loading allows Cross Site Request Forgery. This issue affects WP Page Loading: from n/a through 1.0.6. | ||||
| CVE-2025-30981 | 2025-06-06 | 6.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in tggfref WP-Recall allows Privilege Escalation. This issue affects WP-Recall: from n/a through 16.26.14. | ||||
| CVE-2025-30980 | 2025-06-06 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi Simple Keyword to Link allows Cross Site Request Forgery. This issue affects Simple Keyword to Link: from n/a through 1.5. | ||||
| CVE-2025-30948 | 2025-06-06 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Giraphix Creative Layouts for Elementor allows Cross Site Request Forgery. This issue affects Layouts for Elementor: from n/a through 1.11. | ||||
| CVE-2025-30946 | 2025-06-06 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Michael Cannon Custom Bulk/Quick Edit allows Cross Site Request Forgery. This issue affects Custom Bulk/Quick Edit: from n/a through 1.6.10. | ||||
| CVE-2025-28986 | 2025-06-06 | 8.2 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Webaholicson Epicwin Plugin allows SQL Injection. This issue affects Epicwin Plugin: from n/a through 1.5. | ||||
| CVE-2025-28984 | 2025-06-06 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in storepro Subscription Renewal Reminders for WooCommerce allows Cross Site Request Forgery. This issue affects Subscription Renewal Reminders for WooCommerce: from n/a through 1.3.7. | ||||