Total
8631 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-30542 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in wpsolutions SoundCloud Ultimate allows Cross Site Request Forgery. This issue affects SoundCloud Ultimate: from n/a through 1.5. | |||||
| CVE-2025-30528 | 2025-03-27 | N/A | 9.3 CRITICAL | ||
| Cross-Site Request Forgery (CSRF) vulnerability in wpshopee Awesome Logos allows SQL Injection. This issue affects Awesome Logos: from n/a through 1.2. | |||||
| CVE-2025-30561 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Henrique Mouta CAS Maestro allows Stored XSS. This issue affects CAS Maestro: from n/a through 1.1.3. | |||||
| CVE-2025-30521 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in giangmd93 GP Back To Top allows Cross Site Request Forgery. This issue affects GP Back To Top: from n/a through 3.0. | |||||
| CVE-2025-30584 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in alphaomegaplugins AlphaOmega Captcha & Anti-Spam Filter allows Stored XSS. This issue affects AlphaOmega Captcha & Anti-Spam Filter: from n/a through 3.3. | |||||
| CVE-2025-30558 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in EnzoCostantini55 ANAC XML Render allows Stored XSS. This issue affects ANAC XML Render: from n/a through 1.5.7. | |||||
| CVE-2025-30588 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ryan_xantoo Map Contact allows Stored XSS. This issue affects Map Contact: from n/a through 3.0.4. | |||||
| CVE-2025-30620 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in coderscom WP Odoo Form Integrator allows Stored XSS. This issue affects WP Odoo Form Integrator: from n/a through 1.1.0. | |||||
| CVE-2025-30572 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Igor Yavych Simple Rating allows Stored XSS. This issue affects Simple Rating: from n/a through 1.4. | |||||
| CVE-2025-30560 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Sana Ullah jQuery Dropdown Menu allows Stored XSS. This issue affects jQuery Dropdown Menu: from n/a through 3.0. | |||||
| CVE-2025-30529 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Sébastien Dumont Auto Load Next Post allows Cross Site Request Forgery. This issue affects Auto Load Next Post: from n/a through 1.5.14. | |||||
| CVE-2025-30617 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in takien Rewrite allows Cross Site Request Forgery. This issue affects Rewrite: from n/a through 0.2.1. | |||||
| CVE-2025-30550 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WPShop.ru CallPhone'r allows Stored XSS. This issue affects CallPhone'r: from n/a through 1.1.1. | |||||
| CVE-2025-30531 | 2025-03-27 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in GBS Developer WP Ride Booking allows Cross Site Request Forgery. This issue affects WP Ride Booking: from n/a through 2.4. | |||||
| CVE-2025-30586 | 2025-03-27 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in bbodine1 cTabs allows Stored XSS. This issue affects cTabs: from n/a through 1.3. | |||||
| CVE-2024-20986 | 1 Oracle | 1 Weblogic Server | 2025-03-27 | N/A | 6.1 MEDIUM |
| Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebLogic Server, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data as well as unauthorized read access to a subset of Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). | |||||
| CVE-2023-51512 | 1 Woobewoo | 1 Product Table | 2025-03-27 | N/A | 4.3 MEDIUM |
| Cross Site Request Forgery (CSRF) vulnerability in WBW Product Table by WBW.This issue affects Product Table by WBW: from n/a through 1.8.6. | |||||
| CVE-2023-20856 | 1 Vmware | 1 Vrealize Operations | 2025-03-27 | N/A | 8.8 HIGH |
| VMware vRealize Operations (vROps) contains a CSRF bypass vulnerability. A malicious user could execute actions on the vROps platform on behalf of the authenticated victim user. | |||||
| CVE-2023-23750 | 1 Joomla | 1 Joomla\! | 2025-03-26 | N/A | 6.3 MEDIUM |
| An issue was discovered in Joomla! 4.0.0 through 4.2.6. A missing token check causes a CSRF vulnerability in the handling of post-installation messages. | |||||
| CVE-2023-25015 | 2 Clockwork Web Project, Rubyonrails | 2 Clockwork Web, Rails | 2025-03-26 | N/A | 6.5 MEDIUM |
| Clockwork Web before 0.1.2, when Rails before 5.2 is used, allows CSRF. | |||||