55996 matches found
EUVD-2025-201969
Cross-Site Request Forgery CSRF vulnerability in hogash Kallyas kallyas.This issue affects Kallyas: from n/a through = 4.2...
EUVD-2025-202021
Cross-Site Request Forgery CSRF vulnerability in SaifuMak Add Custom Codes add-custom-codes allows Cross Site Request Forgery.This issue affects Add Custom Codes: from n/a through = 4.80...
EUVD-2025-202027
Cross-Site Request Forgery CSRF vulnerability in ProteusThemes Custom Sidebars by ProteusThemes custom-sidebars-by-proteusthemes allows Cross Site Request Forgery.This issue affects Custom Sidebars by ProteusThemes: from n/a through = 1.0.3...
EUVD-2025-202044
Cross-Site Request Forgery CSRF vulnerability in Jupitercow WP sIFR wp-sifr allows Stored XSS.This issue affects WP sIFR: from n/a through = 0.6.8.1...
EUVD-2025-202041
Cross-Site Request Forgery CSRF vulnerability in Valentin Agachi Create Posts & Terms create-posts-terms allows Stored XSS.This issue affects Create Posts & Terms: from n/a through = 1.3.1...
CVE-2025-13924
CVE-2025-13924 affects Advanced Product Fields (Product Addons) for WooCommerce. The vulnerability is a Cross-Site Request Forgery due to missing/incorrect nonce validation on the maybe_duplicate function, allowing unauthenticated attackers to duplicate and publish product field groups (including...
CVE-2025-13924 Advanced Product Fields (Product Addons) for WooCommerce <= 1.6.17 - Cross-Site Request Forgery to Product Field Group Duplication and Publication
The Advanced Product Fields Product Addons for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.17. This is due to missing or incorrect nonce validation on the 'maybeduplicate' function. This makes it possible for unauthenticat...
CVE-2025-67598
Cross-Site Request Forgery CSRF vulnerability in PSM Plugins SupportCandy supportcandy allows Cross Site Request Forgery.This issue affects SupportCandy: from n/a through = 3.4.1...
CVE-2025-67596
Cross-Site Request Forgery CSRF vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Cross Site Request Forgery.This issue affects Business Directory: from n/a through = 6.4.19...
CVE-2025-67469
Cross-Site Request Forgery CSRF vulnerability in kubiq PDF Thumbnail Generator pdf-thumbnail-generator allows Cross Site Request Forgery.This issue affects PDF Thumbnail Generator: from n/a through = 1.4...
CVE-2025-64256
Cross-Site Request Forgery CSRF vulnerability in PressTigers Simple Folio simple-folio allows Cross Site Request Forgery.This issue affects Simple Folio: from n/a through = 1.1.0...
CVE-2025-63060
Cross-Site Request Forgery CSRF vulnerability in hogash KALLYAS kallyas allows Cross Site Request Forgery.This issue affects KALLYAS: from n/a through 4.25.0...
CVE-2025-63030
Cross-Site Request Forgery CSRF vulnerability in Saad Iqbal New User Approve new-user-approve allows Cross Site Request Forgery.This issue affects New User Approve: from n/a through = 3.2.3...
CVE-2025-63010
Server-Side Request Forgery SSRF vulnerability in ThemesInflow Hercules Core hercules-core allows Server Side Request Forgery.This issue affects Hercules Core : from n/a through = 7.4...
CVE-2025-62762
Cross-Site Request Forgery CSRF vulnerability in photoboxone SMTP Mail smtp-mail allows Cross Site Request Forgery.This issue affects SMTP Mail: from n/a through = 1.3.51...
CVE-2025-62873 WordPress WP Flashy Marketing Automation plugin <= 2.0.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Flashyapp WP Flashy Marketing Automation wp-flashy-marketing-automation allows Cross Site Request Forgery.This issue affects WP Flashy Marketing Automation: from n/a through = 2.0.8...
CVE-2025-62762
CVE-2025-62762 describes a CSRF vulnerability in the WordPress plugin SMTP Mail (smtp-mail) affecting versions from earlier up to
CVE-2025-62102
CVE-2025-62102 : A Cross-Site Request Forgery (CSRF) vulnerability affects the WordPress plugin DoFollow Case by Case (versions up to 3.5.1). The vulnerability is documented across multiple sources (NVD/Red Hat/EUVD/CVE list) as CSRF in this plugin, with affected range stated as n/a through 3.5.1...
CVE-2025-49351
Cross-Site Request Forgery CSRF vulnerability in Valentin Agachi Create Posts & Terms create-posts-terms allows Stored XSS.This issue affects Create Posts & Terms: from n/a through = 1.3.1...
CVE-2025-49341 WordPress PDF Creator Lite plugin <= 1.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Alex Furr PDF Creator Lite pdf-creator-lite allows Stored XSS.This issue affects PDF Creator Lite: from n/a through = 1.2...