Total
8239 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47523 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Lukáš Hartmann Seznam Webmaster allows Cross Site Request Forgery. This issue affects Seznam Webmaster: from n/a through 1.4.7. | ||||
| CVE-2024-32693 | 2 Valvepress, Wordpress | 2 Automatic, Wordpress | 2025-07-13 | 7.6 High |
| Cross-Site Request Forgery (CSRF) vulnerability in ValvePress Automatic.This issue affects Automatic: from n/a before 3.93.0. | ||||
| CVE-2024-54426 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Andy Fradelakis LeaderBoard Plugin allows Stored XSS.This issue affects LeaderBoard Plugin: from n/a through 1.2.4. | ||||
| CVE-2025-23640 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Nazmul Ahsan Rename Author Slug allows Stored XSS.This issue affects Rename Author Slug: from n/a through 1.2.0. | ||||
| CVE-2025-26550 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Kunal Shivale Global Meta Keyword & Description allows Stored XSS. This issue affects Global Meta Keyword & Description: from n/a through 2.3. | ||||
| CVE-2024-31105 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Adam Bowen Tax Rate Upload allows Reflected XSS.This issue affects Tax Rate Upload: from n/a through 2.4.5. | ||||
| CVE-2024-32550 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in BMI Adult & Kid Calculator allows Stored XSS.This issue affects BMI Adult & Kid Calculator: from n/a through 1.2.1. | ||||
| CVE-2024-53724 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Ronny L. Bull IceStats allows Stored XSS.This issue affects IceStats: from n/a through 1.3. | ||||
| CVE-2024-50533 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in David Garcia Domain Sharding allows Stored XSS.This issue affects Domain Sharding: from n/a through 1.2.1. | ||||
| CVE-2024-51658 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Henrik Hoff WP Course Manager allows Stored XSS.This issue affects WP Course Manager: from n/a through 1.3. | ||||
| CVE-2025-23818 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Peggy Kuo More Link Modifier allows Stored XSS.This issue affects More Link Modifier: from n/a through 1.0.3. | ||||
| CVE-2024-53778 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Essential Marketer Essential Breadcrumbs allows Stored XSS.This issue affects Essential Breadcrumbs: from n/a through 1.1.1. | ||||
| CVE-2024-51654 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in APK.Support APK Downloader allows Stored XSS.This issue affects APK Downloader: from n/a through 1.0.0. | ||||
| CVE-2024-53717 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Yonatan Reinberg yPHPlista allows Stored XSS.This issue affects yPHPlista: from n/a through 1.1.1. | ||||
| CVE-2025-48259 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Juan Carlos WP Mapa Politico España allows Cross Site Request Forgery. This issue affects WP Mapa Politico España: from n/a through 3.8.0. | ||||
| CVE-2024-9649 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
| The WP ULike – The Ultimate Engagement Toolkit for Websites plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.7.4. This is due to missing or incorrect nonce validation on the wp_ulike_delete_history_api() function. This makes it possible for unauthenticated attackers to delete engagements via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2025-25104 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in mraliende URL-Preview-Box allows Cross Site Request Forgery. This issue affects URL-Preview-Box: from n/a through 1.20. | ||||
| CVE-2024-56015 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in John Godley Tidy Up allows Reflected XSS.This issue affects Tidy Up: from n/a through 1.3. | ||||
| CVE-2025-47462 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Ohidul Islam Challan allows Privilege Escalation. This issue affects Challan: from n/a through 3.7.58. | ||||
| CVE-2024-56232 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Alexander Volkov WP Nice Loader allows Stored XSS.This issue affects WP Nice Loader: from n/a through 0.1.0.4. | ||||