Total
8238 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-25139 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Cynob IT Consultancy WP Custom Post RSS Feed allows Stored XSS. This issue affects WP Custom Post RSS Feed: from n/a through 1.0.0. | ||||
| CVE-2024-53769 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Ludovic RIAUDEL Custom Post Type to Map Store allows Stored XSS.This issue affects Custom Post Type to Map Store: from n/a through 1.1.0. | ||||
| CVE-2025-23870 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Robert Nicholson Copyright Safeguard Footer Notice allows Stored XSS.This issue affects Copyright Safeguard Footer Notice: from n/a through 3.0. | ||||
| CVE-2025-31602 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in apimofficiel Apimo Connector allows Cross Site Request Forgery. This issue affects Apimo Connector: from n/a through 2.6.3.1. | ||||
| CVE-2024-54435 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Thomas Hoefter Onlywire Multi Autosubmitter allows Stored XSS.This issue affects Onlywire Multi Autosubmitter: from n/a through 1.2.4. | ||||
| CVE-2025-39421 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Mustafa KUCUK WP Sticky Side Buttons allows Stored XSS. This issue affects WP Sticky Side Buttons: from n/a through 2.1. | ||||
| CVE-2025-31753 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Animesh Kumar Advanced Speed Increaser. This issue affects Advanced Speed Increaser: from n/a through 2.2.1. | ||||
| CVE-2024-54393 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Sheikh Heera WP Fiddle allows Stored XSS.This issue affects WP Fiddle: from n/a through 1.0. | ||||
| CVE-2025-30586 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in bbodine1 cTabs allows Stored XSS. This issue affects cTabs: from n/a through 1.3. | ||||
| CVE-2024-6662 | 1 Jan Syski | 1 Megabip | 2025-07-13 | N/A |
| Websites managed by MegaBIP in versions below 5.15 are vulnerable to Cross-Site Request Forgery (CSRF) as the form available under "/edytor/index.php?id=7,7,0" lacks protection mechanisms. A user could be tricked into visiting a malicious website, which would send POST request to this endpoint. If the victim is a logged in administrator, this could lead to creation of new accounts and granting of administrative permissions. | ||||
| CVE-2025-23693 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Stanisław Skonieczny Secure CAPTCHA allows Stored XSS.This issue affects Secure CAPTCHA: from n/a through 1.2. | ||||
| CVE-2024-37540 | 2 Leaky Paywall, Wordpress | 2 Leaky Paywall, Wordpress | 2025-07-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Leaky Paywall Leaky Paywall allows Cross Site Request Forgery.This issue affects Leaky Paywall: from n/a through 4.21.2. | ||||
| CVE-2025-31880 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Stylemix Pearl allows Cross Site Request Forgery. This issue affects Pearl: from n/a through 1.3.9. | ||||
| CVE-2025-22557 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in WPMagic News Publisher Autopilot allows Cross Site Request Forgery.This issue affects News Publisher Autopilot: from n/a through 2.1.4. | ||||
| CVE-2024-51633 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in IvyCat Web Services Simple Page Specific Sidebars allows Stored XSS.This issue affects Simple Page Specific Sidebars: from n/a through 2.14.1. | ||||
| CVE-2025-30578 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in hotvanrod AdSense Privacy Policy allows Stored XSS. This issue affects AdSense Privacy Policy: from n/a through 1.1.1. | ||||
| CVE-2024-48038 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Hans Matzen wp-Monalisa allows Cross Site Request Forgery.This issue affects wp-Monalisa: from n/a through 6.4. | ||||
| CVE-2024-37272 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WP Travel Engine Travel Monster allows Cross Site Request Forgery.This issue affects Travel Monster: from n/a through 1.1.2. | ||||
| CVE-2024-11342 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 6.1 Medium |
| The Skt NURCaptcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.5.0. This is due to missing or incorrect nonce validation in the skt-nurc-admin.php file. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2025-30919 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Store Locator Widgets Store Locator Widget allows Stored XSS. This issue affects Store Locator Widget: from n/a through 20200131. | ||||