Total
7923 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-39431 | 2025-04-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Aaron Forgue Amazon Showcase WordPress Plugin allows Stored XSS. This issue affects Amazon Showcase WordPress Plugin: from n/a through 2.2. | ||||
| CVE-2025-39437 | 2025-04-17 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Boone Gorges Anthologize allows Cross Site Request Forgery. This issue affects Anthologize: from n/a through 0.8.3. | ||||
| CVE-2025-39443 | 2025-04-17 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Soft8Soft LLC Verge3D allows Cross Site Request Forgery. This issue affects Verge3D: from n/a through 4.9.0. | ||||
| CVE-2025-39424 | 2025-04-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in simplemaps Simple Maps allows Stored XSS. This issue affects Simple Maps: from n/a through 0.98. | ||||
| CVE-2025-39419 | 2025-04-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in David Miller Revision Diet allows Stored XSS. This issue affects Revision Diet: from n/a through 1.0.1. | ||||
| CVE-2025-39423 | 2025-04-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Jenst Add to Header allows Stored XSS. This issue affects Add to Header: from n/a through 1.0. | ||||
| CVE-2025-39425 | 2025-04-17 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in pixelgrade Style Manager allows Cross Site Request Forgery. This issue affects Style Manager: from n/a through 2.2.7. | ||||
| CVE-2025-39417 | 2025-04-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Eslam Mahmoud Redirect wordpress to welcome or landing page allows Stored XSS. This issue affects Redirect wordpress to welcome or landing page: from n/a through 2.0. | ||||
| CVE-2025-39418 | 2025-04-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ajayver RSS Manager allows Stored XSS. This issue affects RSS Manager: from n/a through 0.06. | ||||
| CVE-2025-39426 | 2025-04-17 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in illow illow – Cookies Consent allows Cross Site Request Forgery. This issue affects illow – Cookies Consent: from n/a through 0.2.0. | ||||
| CVE-2025-39453 | 2025-04-17 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in algol.plus Advanced Dynamic Pricing for WooCommerce allows Cross Site Request Forgery. This issue affects Advanced Dynamic Pricing for WooCommerce: from n/a through 4.9.3. | ||||
| CVE-2025-39416 | 2025-04-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Ichi translit it! allows Stored XSS. This issue affects translit it!: from n/a through 1.6. | ||||
| CVE-2025-39421 | 2025-04-17 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Mustafa KUCUK WP Sticky Side Buttons allows Stored XSS. This issue affects WP Sticky Side Buttons: from n/a through 2.1. | ||||
| CVE-2025-39438 | 2025-04-17 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in momen2009 Theme Changer allows Cross Site Request Forgery. This issue affects Theme Changer: from n/a through 1.3. | ||||
| CVE-2023-51402 | 1 Brainstormforce | 1 Ultimate Addons For Wpbakery Page Builder | 2025-04-17 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Brain Storm Force Ultimate Addons for WPBakery Page Builder.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a through 3.19.17. | ||||
| CVE-2023-52072 | 1 Flycms Project | 1 Flycms | 2025-04-17 | 8.8 High |
| FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/userconfig_updagte. | ||||
| CVE-2023-50931 | 1 Savignano | 1 S\/notify | 2025-04-17 | 8.3 High |
| An issue was discovered in savignano S/Notify before 2.0.1 for Bitbucket. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a malicious website. If executed while an administrator is logged on to Bitbucket, an attacker could exploit this to modify the configuration of the S/Notify app on that host. This can, in particular, lead to email notifications being no longer encrypted when they should be. | ||||
| CVE-2023-52130 | 1 Wpaffiliatemanager | 1 Affiliates Manager | 2025-04-17 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in wp.Insider, wpaffiliatemgr Affiliates Manager.This issue affects Affiliates Manager: from n/a through 2.9.31. | ||||
| CVE-2023-51535 | 1 Cleantalk | 1 Spam Protection\, Antispam\, Firewall | 2025-04-17 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in СleanTalk - Anti-Spam Protection Spam protection, Anti-Spam, FireWall by CleanTalk.This issue affects Spam protection, Anti-Spam, FireWall by CleanTalk: from n/a through 6.20. | ||||
| CVE-2023-52216 | 1 Yevhenkotelnytskyi | 1 Js \& Css Script Optimizer | 2025-04-17 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Yevhen Kotelnytskyi JS & CSS Script Optimizer.This issue affects JS & CSS Script Optimizer: from n/a through 0.3.3. | ||||