Total
8343 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-31079 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in usermaven Usermaven allows Cross Site Request Forgery. This issue affects Usermaven: from n/a through 1.2.1. | ||||
| CVE-2025-26569 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in callmeforsox Post Thumbs allows Stored XSS. This issue affects Post Thumbs: from n/a through 1.5. | ||||
| CVE-2025-32502 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in lemmentwickler ePaper Lister for Yumpu allows Stored XSS. This issue affects ePaper Lister for Yumpu: from n/a through 1.4.0. | ||||
| CVE-2025-30550 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in WPShop.ru CallPhone'r allows Stored XSS. This issue affects CallPhone'r: from n/a through 1.1.1. | ||||
| CVE-2024-53780 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Rajeev Chauhan Load More Posts allows Stored XSS.This issue affects Load More Posts: from n/a through 1.4.0. | ||||
| CVE-2024-37931 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Creativthemes Point allows Cross Site Request Forgery.This issue affects Point: from n/a through 1.1. | ||||
| CVE-2024-54337 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in DevriX DX Dark Site allows Stored XSS.This issue affects DX Dark Site: from n/a through 1.0.1. | ||||
| CVE-2024-38790 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Smartsupp Smartsupp – live chat, chatbots, AI and lead generation allows Cross Site Request Forgery.This issue affects Smartsupp – live chat, chatbots, AI and lead generation: from n/a through 3.6. | ||||
| CVE-2025-31459 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in PasqualePuzio Login Alert allows Stored XSS. This issue affects Login Alert: from n/a through 0.2.1. | ||||
| CVE-2024-6841 | 1 Vanna-ai | 1 Vanna | 2025-07-12 | N/A |
| A Cross-Site Request Forgery (CSRF) vulnerability exists in the latest commit (56b782bcefd2e59b19cd7ba7878b95f54884f502) of the vanna-ai/vanna repository. Two endpoints in the built-in web app that provide SQL functionality are implemented as simple GET requests, making them susceptible to CSRF attacks. This vulnerability allows an attacker to run arbitrary SQL commands via CSRF without the target intending to expose the web app to the network or other users. The impact is limited to data alteration or deletion, as the attacker cannot read the results of the query. | ||||
| CVE-2025-46520 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in alphasis Related Posts via Taxonomies allows Stored XSS. This issue affects Related Posts via Taxonomies: from n/a through 1.0.1. | ||||
| CVE-2024-51656 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in litefeel Flash Show And Hide Box allows Stored XSS.This issue affects Flash Show And Hide Box: from n/a through 1.6. | ||||
| CVE-2024-51638 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Sanjeev Mohindra Awesome Shortcodes For Genesis allows Stored XSS.This issue affects Awesome Shortcodes For Genesis: from n/a through .8. | ||||
| CVE-2024-51642 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in webhostri Seo Free allows Stored XSS.This issue affects Seo Free: from n/a through 1.4. | ||||
| CVE-2024-54433 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Simple Booking Simple Booking Widget allows Stored XSS.This issue affects Simple Booking Widget: from n/a through 1.1. | ||||
| CVE-2024-54353 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in WPGear Hack-Info allows Stored XSS.This issue affects Hack-Info: from n/a through 3.17. | ||||
| CVE-2025-30621 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in kornelly Translator allows Stored XSS. This issue affects Translator: from n/a through 0.3. | ||||
| CVE-2025-47620 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in bundgaard Martins Free Monetized Ad Exchange Network allows Reflected XSS. This issue affects Martins Free Monetized Ad Exchange Network: from n/a through 1.0.5. | ||||
| CVE-2025-32563 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in dangrossman WP Calais Auto Tagger allows Cross Site Request Forgery. This issue affects WP Calais Auto Tagger: from n/a through 2.0. | ||||
| CVE-2024-54414 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in geoWP Geoportail Shortcode allows Stored XSS.This issue affects Geoportail Shortcode: from n/a through 2.4.4. | ||||