55998 matches found
CVE-2025-49341 WordPress PDF Creator Lite plugin <= 1.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Alex Furr PDF Creator Lite pdf-creator-lite allows Stored XSS.This issue affects PDF Creator Lite: from n/a through = 1.2...
CVE-2025-67472 WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.5.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita meeting-scheduler-by-vcita allows Cross Site Request Forgery.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through = 4.5.5...
CVE-2025-66531 WordPress Salon booking system plugin <= 10.30.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Cross Site Request Forgery.This issue affects Salon booking system: from n/a through = 10.30.3...
CVE-2025-66529 WordPress Chartify plugin <= 3.6.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Ays Pro Chartify chart-builder allows Cross Site Request Forgery.This issue affects Chartify: from n/a through = 3.6.3...
CVE-2025-66529 WordPress Chartify plugin <= 3.6.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Ays Pro Chartify chart-builder allows Cross Site Request Forgery.This issue affects Chartify: from n/a through = 3.6.3...
CVE-2025-11022 CSRF in Panilux
Cross-Site Request Forgery CSRF vulnerability in Personal Project Panilux allows Cross Site Request Forgery. This CSRF vulnerability resulting in Command Injection has been identified. This issue affects Panilux: before v.0.10.0. NOTE: The vendor was contacted and responded that they deny...
CVE-2025-11022 CSRF in Panilux
Cross-Site Request Forgery CSRF vulnerability in Personal Project Panilux allows Cross Site Request Forgery. This CSRF vulnerability resulting in Command Injection has been identified. This issue affects Panilux: before v.0.10.0. NOTE: The vendor was contacted and responded that they deny...
CVE-2025-42616
Some endpoints in vulnerability-lookup that modified application state e.g. changing database entries, user data, configurations, or other privileged actions may have been accessible via HTTP GET requests without requiring a CSRF token. This flaw leaves the application vulnerable to Cross-Site...
PT-2025-49969
Name of the Vulnerable Software and Affected Versions Ays Pro Quiz Maker versions through 6.7.0.82 Description A Cross-Site Request Forgery issue exists in Ays Pro Quiz Maker. This allows attackers to potentially perform actions on behalf of an authenticated user without their knowledge. The issu...
PT-2025-49882
Cross-Site Request Forgery CSRF vulnerability in QuantumCloud Simple Link Directory simple-link-directory allows Cross Site Request Forgery.This issue affects Simple Link Directory: from n/a through = 8.8.3...
PT-2025-50039
Cross-Site Request Forgery CSRF vulnerability in Saad Iqbal New User Approve new-user-approve allows Cross Site Request Forgery.This issue affects New User Approve: from n/a through = 3.2.0...
PT-2025-50018
Cross-Site Request Forgery CSRF vulnerability in Flashyapp WP Flashy Marketing Automation wp-flashy-marketing-automation allows Cross Site Request Forgery.This issue affects WP Flashy Marketing Automation: from n/a through = 2.0.8...
WordPress plugin WP sIFR 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
WordPress plugin Hercules Core 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...
PT-2025-49983
Cross-Site Request Forgery CSRF vulnerability in Jupitercow WP sIFR wp-sifr allows Stored XSS.This issue affects WP sIFR: from n/a through = 0.6.8.1...
PT-2025-50210
Name of the Vulnerable Software and Affected Versions AllskyTeam AllSky version 2024.12.06 06 Description A Cross Site Request Forgery CSRF issue exists in AllskyTeam AllSky version 2024.12.06 06. This allows remote attackers to potentially cause a denial of service by exploiting the handle...
Allsky Camera 安全漏洞
Allsky Camera is an Allsky open source camera system for photographing and monitoring the entire sky. A security vulnerability exists in Allsky Camera version v2024.12.0606, which stems from cross-site request forgery and could lead to a denial of service...
PT-2025-50008
Cross-Site Request Forgery CSRF vulnerability in SaifuMak Add Custom Codes add-custom-codes allows Cross Site Request Forgery.This issue affects Add Custom Codes: from n/a through = 4.80...
PT-2025-49877
CVE-2025-66529 Cross-Site Request Forgery CSRF vulnerability in Ays Pro Chartify chart-builder allows Cross Site Request Forgery.This issue affects Chartify: from n/a through = 3… https://t.co/tisuEjUw4Q...
PT-2025-50277
Name of the Vulnerable Software and Affected Versions ZITADEL versions 4.7.0 and below Description ZITADEL is an open-source identity infrastructure tool susceptible to an unauthenticated, full-read Server-Side Request Forgery SSRF issue. The ZITADEL Login UI V2 incorrectly trusts the...