Total
7687 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-32112 | 2025-04-07 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Sidebar Manager Light allows Cross Site Request Forgery. This issue affects Sidebar Manager Light: from n/a through 1.1.8. | |||||
| CVE-2025-32261 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Kuppuraj Advanced All in One Admin Search by WP Spotlight allows Cross Site Request Forgery. This issue affects Advanced All in One Admin Search by WP Spotlight: from n/a through 1.1.1. | |||||
| CVE-2025-32262 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Robert D Payne RDP Wiki Embed allows Cross Site Request Forgery. This issue affects RDP Wiki Embed: from n/a through 1.2.20. | |||||
| CVE-2025-32263 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in BeRocket Sequential Order Numbers for WooCommerce allows Cross Site Request Forgery. This issue affects Sequential Order Numbers for WooCommerce: from n/a through 3.6.2. | |||||
| CVE-2025-32247 | 2025-04-07 | N/A | 5.4 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ABCdatos AI Content Creator allows Cross Site Request Forgery. This issue affects AI Content Creator: from n/a through 1.2.6. | |||||
| CVE-2025-32265 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Hossni Mubarak JobWP allows Cross Site Request Forgery. This issue affects JobWP: from n/a through 2.3.9. | |||||
| CVE-2025-32241 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in CleverReach® Official CleverReach Plugin for WooCommerce allows Cross Site Request Forgery. This issue affects Official CleverReach Plugin for WooCommerce: from n/a through 3.4.3. | |||||
| CVE-2025-32249 | 2025-04-07 | N/A | 5.4 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in designinvento DirectoryPress allows Cross Site Request Forgery. This issue affects DirectoryPress: from n/a through 3.6.19. | |||||
| CVE-2025-32264 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Saiful Islam UltraAddons Elementor Lite allows Cross Site Request Forgery. This issue affects UltraAddons Elementor Lite: from n/a through 2.0.0. | |||||
| CVE-2025-32273 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in freetobook Freetobook Responsive Widget allows Cross Site Request Forgery. This issue affects Freetobook Responsive Widget: from n/a through 1.1. | |||||
| CVE-2024-11071 | 2025-04-07 | N/A | 8.8 HIGH | ||
| Permissive Cross-domain Policy with Untrusted Domains vulnerability in local API server of DestinyECM solution(versions described below) which is developed and maintained by Cyberdigm may allow Cross-Site Request Forgery (CSRF) attack, which probabilistically enables JSON Hijacking (aka JavaScript Hijacking) via forgery web page.* Due to product customization, version information may differ from the following version description. For further inquiries, please contact the vendor. | |||||
| CVE-2025-32270 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Broadstreet Broadstreet allows Cross Site Request Forgery. This issue affects Broadstreet: from n/a through 1.51.1. | |||||
| CVE-2025-3257 | 2025-04-07 | 5.0 MEDIUM | 4.3 MEDIUM | ||
| A vulnerability classified as problematic has been found in xujiangfei admintwo 1.0. This affects an unknown part of the file /user/updateSet. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-0810 | 2025-04-07 | N/A | 7.5 HIGH | ||
| The Read More & Accordion plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.5. This is due to missing or incorrect nonce validation on the addNewButtons() function. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | |||||
| CVE-2025-32276 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Quý Lê 91 Administrator Z allows Cross Site Request Forgery. This issue affects Administrator Z: from n/a through 2025.03.04. | |||||
| CVE-2025-32278 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in wprio Table Block by RioVizual allows Cross Site Request Forgery. This issue affects Table Block by RioVizual: from n/a through 2.1.7. | |||||
| CVE-2025-32269 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms allows Cross Site Request Forgery. This issue affects WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms: from n/a through 1.1.3. | |||||
| CVE-2025-32267 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in wpzinc Post to Social Media – WordPress to Hootsuite allows Cross Site Request Forgery. This issue affects Post to Social Media – WordPress to Hootsuite: from n/a through 1.5.8. | |||||
| CVE-2025-32271 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ablancodev Woocommerce Role Pricing allows Cross Site Request Forgery. This issue affects Woocommerce Role Pricing: from n/a through 3.5.5. | |||||
| CVE-2025-32274 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in axew3 WP w3all phpBB allows Cross Site Request Forgery. This issue affects WP w3all phpBB: from n/a through 2.9.2. | |||||