Total
8355 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-39530 | 2025-04-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in dsky Site Search 360 allows Stored XSS. This issue affects Site Search 360: from n/a through 2.1.7. | ||||
| CVE-2025-39517 | 2025-04-16 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WP Map Plugins Basic Interactive World Map allows Cross Site Request Forgery. This issue affects Basic Interactive World Map: from n/a through 2.7. | ||||
| CVE-2025-39548 | 2025-04-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Right Click Disable OR Ban allows Stored XSS. This issue affects Right Click Disable OR Ban: from n/a through 1.1.17. | ||||
| CVE-2023-51525 | 1 Wpsimplebookingcalendar | 1 Wp Simple Booking Calendar | 2025-04-15 | 5.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Veribo, Roland Murg WP Simple Booking Calendar.This issue affects WP Simple Booking Calendar: from n/a through 2.0.8.4. | ||||
| CVE-2024-30482 | 1 B-website | 1 Simple Revisions Delete | 2025-04-15 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Brice CAPOBIANCO Simple Revisions Delete.This issue affects Simple Revisions Delete: from n/a through 1.5.3. | ||||
| CVE-2025-25379 | 1 07fly | 1 07flycms | 2025-04-15 | 9.6 Critical |
| Cross Site Request Forgery vulnerability in 07FLYCMS v.1.3.9 allows a remote attacker to execute arbitrary code via the id parameter of the del.html component. | ||||
| CVE-2024-57611 | 1 07fly | 1 07flycms | 2025-04-15 | 3.5 Low |
| 07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/doAdminAction.php?act=editShop&shopId. | ||||
| CVE-2024-57159 | 1 07fly | 1 07flycms | 2025-04-15 | 3.5 Low |
| 07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/add.html. | ||||
| CVE-2024-33651 | 1 Mf Gig Calendar Project | 1 Mf Gig Calendar | 2025-04-15 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Matthew Fries MF Gig Calendar.This issue affects MF Gig Calendar : from n/a through 1.2.1. | ||||
| CVE-2022-29468 | 1 Wwbn | 1 Avideo | 2025-04-15 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability exists in WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to increased privileges. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability. | ||||
| CVE-2025-2871 | 2025-04-15 | 4.3 Medium | ||
| The WordPress Mega Menu – QuadMenu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the ajax_dismiss_notice() function. This makes it possible for unauthenticated attackers to update any user meta to a value of one, including wp_capabilities which could result in a privilege deescalation of an administrator, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2025-27009 | 2025-04-15 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in wphocus My auctions allegro allows Stored XSS.This issue affects My auctions allegro: from n/a through 3.6.20. | ||||
| CVE-2025-30965 | 2025-04-15 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in NotFound WPJobBoard allows Cross Site Request Forgery. This issue affects WPJobBoard: from n/a through n/a. | ||||
| CVE-2024-34957 | 2 Idccms, Idccms Project | 2 Idccms, Idccms | 2025-04-15 | 5.4 Medium |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/sysImages_deal.php?mudi=infoSet. | ||||
| CVE-2024-34958 | 2 Idccms, Idccms Project | 2 Idccms, Idccms | 2025-04-15 | 6.5 Medium |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/banner_deal.php?mudi=add | ||||
| CVE-2024-35011 | 2 Idccms, Idccms Project | 2 Idccms, Idccms | 2025-04-15 | 5.4 Medium |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=rev&nohrefStr=close. | ||||
| CVE-2024-35012 | 2 Idccms, Idccms Project | 2 Idccms, Idccms | 2025-04-15 | 6.3 Medium |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=add&nohrefStr=close. | ||||
| CVE-2024-35039 | 2 Idccms, Idccms Project | 2 Idccms, Idccms | 2025-04-15 | 3.8 Low |
| idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/tplSys_deal.php?mudi=area. | ||||
| CVE-2024-35108 | 2 Idccms, Idccms Project | 2 Idccms, Idccms | 2025-04-15 | 8.8 High |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/homePro_deal.php?mudi=del&dataType=&dataTypeCN. | ||||
| CVE-2024-35109 | 2 Idccms, Idccms Project | 2 Idccms, Idccms | 2025-04-15 | 6.5 Medium |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /homePro_deal.php?mudi=add&nohrefStr=close. | ||||