56013 matches found
EUVD-2025-35987
Cross-Site Request Forgery CSRF vulnerability in iseremet Reloadly reloadly-topup-widget allows Stored XSS.This issue affects Reloadly: from n/a through = 2.0.1...
EUVD-2025-35957
Server-Side Request Forgery SSRF vulnerability in Codeless Slider Templates slider-templates allows Server Side Request Forgery.This issue affects Slider Templates: from n/a through = 1.0.3...
EUVD-2025-36007
Cross-Site Request Forgery CSRF vulnerability in Mejar WP Business Hours wp-business-hours allows Stored XSS.This issue affects WP Business Hours: from n/a through = 1.4...
EUVD-2025-36047
Cross-Site Request Forgery CSRF vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus Slidebars off-canvas-sidebars allows Cross Site Request Forgery.This issue affects Off-Canvas Sidebars & Menus Slidebars: from n/a through = 0.5.8.5...
CVE-2025-62957
Cross-Site Request Forgery CSRF vulnerability in NikanWP NikanWP WooCommerce Reporting wc-reports-lite allows Stored XSS.This issue affects NikanWP WooCommerce Reporting: from n/a through = 1.0.0...
CVE-2025-62956
Cross-Site Request Forgery CSRF vulnerability in iseremet Reloadly reloadly-topup-widget allows Stored XSS.This issue affects Reloadly: from n/a through = 2.0.1...
CVE-2025-62945
Cross-Site Request Forgery CSRF vulnerability in Eduard Pinuaga Linares Did Prestashop Display did-prestashop-display allows Stored XSS.This issue affects Did Prestashop Display: from n/a through = 1.0.30...
CVE-2025-62988
The CVE-2025-62988 entry pertains to a Server-Side Request Forgery (SSRF) in the WordPress Slider Templates plugin (slider-templates) affecting versions up to and including 1.0.3. The vulnerability is documented by multiple sources (Wordfence, Patchstack, CVE records) and is listed as Unpatched f...
CVE-2025-62988 WordPress Slider Templates plugin <= 1.0.3 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in Codeless Slider Templates slider-templates allows Server Side Request Forgery.This issue affects Slider Templates: from n/a through = 1.0.3...
CVE-2025-62988 WordPress Slider Templates plugin <= 1.0.3 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in Codeless Slider Templates slider-templates allows Server Side Request Forgery.This issue affects Slider Templates: from n/a through = 1.0.3...
CVE-2025-62962 WordPress CloudSearch plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Andrea Landonio CloudSearch cloud-search allows Stored XSS.This issue affects CloudSearch: from n/a through = 3.0.0...
CVE-2025-62958 WordPress Simple Content Templates for Blog Posts & Pages plugin <= 2.2.61 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Clifton Griffin Simple Content Templates for Blog Posts & Pages simple-post-template allows Cross Site Request Forgery.This issue affects Simple Content Templates for Blog Posts & Pages: from n/a through = 2.2.61...
CVE-2025-62896
CVE-2025-62896 concerns the WordPress plugin Multilang Contact Form (digitaldonkey) up to version 1.5. It describes a Cross-Site Request Forgery (CSRF) vulnerability that enables Stored XSS. The CVSS 3.1 analysis indicates an attack vector of NETWORK, with no privileges required, but user interac...
CVE-2025-62890
CVE-2025-62890 is a CSRF vulnerability in the WordPress plugin Premmerce Brands for WooCommerce (versions n/a through 1.2.13). The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) yields a base score of 4.3 (Medium). The Red Hat and NVD entries corroborate that the issue concerns Cross-Site ...
CVE-2025-62886
The CVE-2025-62886 entry concerns the WordPress plugin Pricing Table Builder (wpdevart-pricing-table). A Cross-Site Request Forgery (CSRF) vulnerability exists that can lead to Stored XSS in versions through 1.5.1. The issue is consistently described across sources as affecting wpdevart-pricing-t...
WordPress plugin Multilang Contact Form 跨站请求伪造漏洞
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in...
PT-2025-43766
Name of the Vulnerable Software and Affected Versions wpdevart Pricing Table builder versions through 1.5.1 Description A Cross-Site Request Forgery CSRF issue exists in wpdevart Pricing Table builder wpdevart-pricing-table, potentially allowing Stored Cross-Site Scripting XSS. Recommendations...
CVE-2025-54969
An issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Status Service does not implement CSRF protections. An attacker who social engineers a valid user into clicking a malicious link or visiting a malicious website may be able to submit requests to the Job Status Service...
WordPress plugin WP Business Hours 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...
PT-2025-43858
Cross-Site Request Forgery CSRF vulnerability in FanBridge FanBridge signup fanbridge-signup allows Stored XSS.This issue affects FanBridge signup: from n/a through = 0.6...