Lucene search
K

56013 matches found

EUVD
EUVD
added 2025/10/27 3:30 a.m.5 views

EUVD-2025-35987

Cross-Site Request Forgery CSRF vulnerability in iseremet Reloadly reloadly-topup-widget allows Stored XSS.This issue affects Reloadly: from n/a through = 2.0.1...

6.1AI score0.00124EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/27 3:30 a.m.4 views

EUVD-2025-35957

Server-Side Request Forgery SSRF vulnerability in Codeless Slider Templates slider-templates allows Server Side Request Forgery.This issue affects Slider Templates: from n/a through = 1.0.3...

4.9CVSS6.5AI score0.00142EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/27 3:30 a.m.7 views

EUVD-2025-36007

Cross-Site Request Forgery CSRF vulnerability in Mejar WP Business Hours wp-business-hours allows Stored XSS.This issue affects WP Business Hours: from n/a through = 1.4...

6.1AI score0.00112EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/27 3:30 a.m.4 views

EUVD-2025-36047

Cross-Site Request Forgery CSRF vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus Slidebars off-canvas-sidebars allows Cross Site Request Forgery.This issue affects Off-Canvas Sidebars & Menus Slidebars: from n/a through = 0.5.8.5...

6.3AI score0.00128EPSS
Exploits0References2
NVD
NVD
added 2025/10/27 2:15 a.m.7 views

CVE-2025-62957

Cross-Site Request Forgery CSRF vulnerability in NikanWP NikanWP WooCommerce Reporting wc-reports-lite allows Stored XSS.This issue affects NikanWP WooCommerce Reporting: from n/a through = 1.0.0...

7.1CVSS0.00117EPSS
Exploits0References1
NVD
NVD
added 2025/10/27 2:15 a.m.14 views

CVE-2025-62956

Cross-Site Request Forgery CSRF vulnerability in iseremet Reloadly reloadly-topup-widget allows Stored XSS.This issue affects Reloadly: from n/a through = 2.0.1...

7.1CVSS0.00124EPSS
Exploits0References1
NVD
NVD
added 2025/10/27 2:15 a.m.18 views

CVE-2025-62945

Cross-Site Request Forgery CSRF vulnerability in Eduard Pinuaga Linares Did Prestashop Display did-prestashop-display allows Stored XSS.This issue affects Did Prestashop Display: from n/a through = 1.0.30...

7.1CVSS0.00113EPSS
Exploits0References1
CVE
CVE
added 2025/10/27 1:34 a.m.12 views

CVE-2025-62988

The CVE-2025-62988 entry pertains to a Server-Side Request Forgery (SSRF) in the WordPress Slider Templates plugin (slider-templates) affecting versions up to and including 1.0.3. The vulnerability is documented by multiple sources (Wordfence, Patchstack, CVE records) and is listed as Unpatched f...

4.9CVSS6.7AI score0.00142EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/27 1:34 a.m.8 views

CVE-2025-62988 WordPress Slider Templates plugin <= 1.0.3 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Codeless Slider Templates slider-templates allows Server Side Request Forgery.This issue affects Slider Templates: from n/a through = 1.0.3...

4.9CVSS0.00142EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/27 1:34 a.m.1 views

CVE-2025-62988 WordPress Slider Templates plugin <= 1.0.3 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Codeless Slider Templates slider-templates allows Server Side Request Forgery.This issue affects Slider Templates: from n/a through = 1.0.3...

4.9CVSS6.7AI score0.00142EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/27 1:34 a.m.1 views

CVE-2025-62962 WordPress CloudSearch plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Andrea Landonio CloudSearch cloud-search allows Stored XSS.This issue affects CloudSearch: from n/a through = 3.0.0...

7.1CVSS6.3AI score0.00124EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/27 1:34 a.m.5 views

CVE-2025-62958 WordPress Simple Content Templates for Blog Posts & Pages plugin <= 2.2.61 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Clifton Griffin Simple Content Templates for Blog Posts & Pages simple-post-template allows Cross Site Request Forgery.This issue affects Simple Content Templates for Blog Posts & Pages: from n/a through = 2.2.61...

4.3CVSS5.1AI score0.00129EPSS
Exploits0References1
CVE
CVE
added 2025/10/27 1:33 a.m.9 views

CVE-2025-62896

CVE-2025-62896 concerns the WordPress plugin Multilang Contact Form (digitaldonkey) up to version 1.5. It describes a Cross-Site Request Forgery (CSRF) vulnerability that enables Stored XSS. The CVSS 3.1 analysis indicates an attack vector of NETWORK, with no privileges required, but user interac...

7.1CVSS6.3AI score0.00116EPSS
Exploits0References1
CVE
CVE
added 2025/10/27 1:33 a.m.12 views

CVE-2025-62890

CVE-2025-62890 is a CSRF vulnerability in the WordPress plugin Premmerce Brands for WooCommerce (versions n/a through 1.2.13). The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) yields a base score of 4.3 (Medium). The Red Hat and NVD entries corroborate that the issue concerns Cross-Site ...

4.3CVSS6.5AI score0.00128EPSS
Exploits0References1
CVE
CVE
added 2025/10/27 1:33 a.m.7 views

CVE-2025-62886

The CVE-2025-62886 entry concerns the WordPress plugin Pricing Table Builder (wpdevart-pricing-table). A Cross-Site Request Forgery (CSRF) vulnerability exists that can lead to Stored XSS in versions through 1.5.1. The issue is consistently described across sources as affecting wpdevart-pricing-t...

7.1CVSS5.9AI score0.00123EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.2 views

WordPress plugin Multilang Contact Form 跨站请求伪造漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in...

7.1CVSS6.1AI score0.00116EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.5 views

PT-2025-43766

Name of the Vulnerable Software and Affected Versions wpdevart Pricing Table builder versions through 1.5.1 Description A Cross-Site Request Forgery CSRF issue exists in wpdevart Pricing Table builder wpdevart-pricing-table, potentially allowing Stored Cross-Site Scripting XSS. Recommendations...

8.8CVSS5.6AI score0.00123EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/10/27 12:0 a.m.4 views

CVE-2025-54969

An issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Status Service does not implement CSRF protections. An attacker who social engineers a valid user into clicking a malicious link or visiting a malicious website may be able to submit requests to the Job Status Service...

6.5AI score0.00129EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.2 views

WordPress plugin WP Business Hours 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

7.1CVSS5.9AI score0.00112EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.6 views

PT-2025-43858

Cross-Site Request Forgery CSRF vulnerability in FanBridge FanBridge signup fanbridge-signup allows Stored XSS.This issue affects FanBridge signup: from n/a through = 0.6...

7.1CVSS6.6AI score0.00103EPSS
Exploits0References2
Rows per page
Query Builder