Total
8611 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-23560 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Elke Hinze, Plumeria Web Design Web Testimonials allows Stored XSS.This issue affects Web Testimonials: from n/a through 1.2. | ||||
| CVE-2025-25088 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in blackus3r WP Keyword Monitor allows Stored XSS. This issue affects WP Keyword Monitor: from n/a through 1.0.5. | ||||
| CVE-2025-23471 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Andy Chapman ECT Add to Cart Button allows Stored XSS.This issue affects ECT Add to Cart Button: from n/a through 1.4. | ||||
| CVE-2025-23797 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 9.8 Critical |
| Cross-Site Request Forgery (CSRF) vulnerability in Mike Selander WP Options Editor allows Privilege Escalation.This issue affects WP Options Editor: from n/a through 1.1. | ||||
| CVE-2025-32482 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in quanganhdo Custom Smilies allows Stored XSS. This issue affects Custom Smilies: from n/a through 1.2. | ||||
| CVE-2024-53762 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Faster Themes FastBook – Responsive Appointment Booking and Scheduling System allows Stored XSS.This issue affects FastBook – Responsive Appointment Booking and Scheduling System: from n/a through 1.1. | ||||
| CVE-2024-51641 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in jcmlmorav Advanced PDF Generator allows Stored XSS.This issue affects Advanced PDF Generator: from n/a through 0.4.0. | ||||
| CVE-2025-0990 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 4.3 Medium |
| The I Am Gloria plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.4. This is due to missing or incorrect nonce validation on the iamgloria23_gloria_settings_page function. This makes it possible for unauthenticated attackers to reset the tenant ID via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2024-37490 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WP Royal Bard allows Cross Site Request Forgery.This issue affects Bard: from n/a through 2.210. | ||||
| CVE-2025-39422 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in PResponsive WP Social Bookmarking allows Stored XSS. This issue affects WP Social Bookmarking: from n/a through 3.6. | ||||
| CVE-2023-47845 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Lim Kai Yang Grab & Save.This issue affects Grab & Save: from n/a through 1.0.4. | ||||
| CVE-2024-49304 | 2 Pinpoint.world, Wordpress | 2 Pinpoint Booking System, Wordpress | 2025-07-12 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in PINPOINT.WORLD Pinpoint Booking System allows Stored XSS.This issue affects Pinpoint Booking System: from n/a through 2.9.9.5.1. | ||||
| CVE-2025-47685 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Moloni Contribuinte Checkout allows Stored XSS. This issue affects Contribuinte Checkout: from n/a through 2.0.02. | ||||
| CVE-2024-54306 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in KCT AIKCT Engine Chatbot, ChatGPT, Gemini, GPT-4o Best AI Chatbot allows Cross Site Request Forgery.This issue affects AIKCT Engine Chatbot, ChatGPT, Gemini, GPT-4o Best AI Chatbot: from n/a through 1.6.2. | ||||
| CVE-2024-53781 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Home Junction SpatialMatch IDX allows Stored XSS.This issue affects SpatialMatch IDX: from n/a through 3.0.9. | ||||
| CVE-2025-23832 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Matt Gibbs Admin Cleanup allows Stored XSS.This issue affects Admin Cleanup: from n/a through 1.0.2. | ||||
| CVE-2025-22555 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Noel Jarencio. Smoothness Slider Shortcode allows Cross Site Request Forgery.This issue affects Smoothness Slider Shortcode: from n/a through v1.2.2. | ||||
| CVE-2024-54307 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in AIpost AIcomments allows Cross Site Request Forgery.This issue affects AIcomments: from n/a through 1.4.1. | ||||
| CVE-2025-22705 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in godthor Disqus Popular Posts allows Reflected XSS. This issue affects Disqus Popular Posts: from n/a through 2.1.1. | ||||
| CVE-2025-23869 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Shibu Lijack a.k.a CyberJack CJ Custom Content allows Stored XSS.This issue affects CJ Custom Content: from n/a through 2.0. | ||||