Total
7914 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-53311 | 2025-06-30 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Amol Nirmala Waman Navayan Subscribe allows Stored XSS. This issue affects Navayan Subscribe: from n/a through 1.13. | ||||
| CVE-2025-53312 | 2025-06-30 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Looks Awesome OnionBuzz allows Stored XSS. This issue affects OnionBuzz: from n/a through 1.0.7. | ||||
| CVE-2025-53314 | 2025-06-30 | 9.6 Critical | ||
| Cross-Site Request Forgery (CSRF) vulnerability in sh1zen WP Optimizer allows SQL Injection. This issue affects WP Optimizer: from n/a through 2.3.6. | ||||
| CVE-2025-53315 | 2025-06-30 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in alanft Relocate Upload allows Stored XSS. This issue affects Relocate Upload: from n/a through 0.24.1. | ||||
| CVE-2025-53317 | 2025-06-30 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in AcmeeDesign WPShapere Lite allows Stored XSS. This issue affects WPShapere Lite: from n/a through 1.4. | ||||
| CVE-2025-53327 | 2025-06-30 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in rui_mashita Aioseo Multibyte Descriptions allows Cross Site Request Forgery. This issue affects Aioseo Multibyte Descriptions: from n/a through 0.0.6. | ||||
| CVE-2025-5936 | 2025-06-30 | 4.3 Medium | ||
| The VR Calendar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.4.7. This is due to missing or incorrect nonce validation on the syncCalendar() function. This makes it possible for unauthenticated attackers to trigger a calendar sync via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2025-53264 | 2025-06-30 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Konrád Koller ONet Regenerate Thumbnails allows Cross Site Request Forgery. This issue affects ONet Regenerate Thumbnails: from n/a through 1.5. | ||||
| CVE-2025-53313 | 2025-06-30 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in plumwd Twitch TV Embed Suite allows Stored XSS. This issue affects Twitch TV Embed Suite: from n/a through 2.1.0. | ||||
| CVE-2025-53261 | 2025-06-30 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in macbookandrew WP YouTube Live allows Cross Site Request Forgery. This issue affects WP YouTube Live: from n/a through 1.10.0. | ||||
| CVE-2025-53193 | 2025-06-30 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Burst Statistics B.V. Burst Statistics allows Cross Site Request Forgery. This issue affects Burst Statistics: from n/a through 2.0.6. | ||||
| CVE-2025-53203 | 2025-06-30 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in EDGARROJAS WooCommerce PDF Invoice Builder allows Cross Site Request Forgery. This issue affects WooCommerce PDF Invoice Builder: from n/a through 1.2.148. | ||||
| CVE-2025-53267 | 2025-06-30 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Aftab Husain Hide Admin Bar From Front End allows Cross Site Request Forgery. This issue affects Hide Admin Bar From Front End: from n/a through 1.0.0. | ||||
| CVE-2025-53268 | 2025-06-30 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ryanpcmcquen Import external attachments allows Cross Site Request Forgery. This issue affects Import external attachments: from n/a through 1.5.12. | ||||
| CVE-2025-53310 | 2025-06-30 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Funnnny HidePost allows Reflected XSS. This issue affects HidePost: from n/a through 2.3.8. | ||||
| CVE-2025-24289 | 2025-06-30 | N/A | ||
| A Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) vulnerability in the UCRM Client Signup Plugin (v1.3.4 and earlier) could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. The plugin is disabled by default. | ||||
| CVE-2025-53329 | 2025-06-30 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in szajenw Społecznościowa 6 PL 2013 allows Stored XSS. This issue affects Społecznościowa 6 PL 2013: from n/a through 2.0.6. | ||||
| CVE-2025-53331 | 2025-06-30 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in samcharrington RSS Digest allows Stored XSS. This issue affects RSS Digest: from n/a through 1.5. | ||||
| CVE-2025-53332 | 2025-06-30 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ethoseo Track Everything allows Stored XSS. This issue affects Track Everything: from n/a through 2.0.1. | ||||
| CVE-2025-53338 | 2025-06-30 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in dor re.place allows Stored XSS. This issue affects re.place: from n/a through 0.2.1. | ||||