Total
7225 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-47620 | 2025-05-07 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in bundgaard Martins Free Monetized Ad Exchange Network allows Reflected XSS. This issue affects Martins Free Monetized Ad Exchange Network: from n/a through 1.0.5. | |||||
| CVE-2025-47594 | 2025-05-07 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in DAEXT Soccer Live Scores allows Cross Site Request Forgery. This issue affects Soccer Live Scores: from n/a through 1.0.5. | |||||
| CVE-2025-47514 | 2025-05-07 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Eli ELI's Related Posts Footer Links and Widget allows Stored XSS. This issue affects ELI's Related Posts Footer Links and Widget: from n/a through 1.2.04.20. | |||||
| CVE-2025-47468 | 2025-05-07 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in hashthemes Hash Form allows Cross Site Request Forgery. This issue affects Hash Form: from n/a through 1.2.8. | |||||
| CVE-2025-47459 | 2025-05-07 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in XpeedStudio WP Fundraising Donation and Crowdfunding Platform allows Cross Site Request Forgery. This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through 1.7.3. | |||||
| CVE-2025-47451 | 2025-05-07 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in silverplugins217 Product Quantity Dropdown For Woocommerce allows Cross Site Request Forgery. This issue affects Product Quantity Dropdown For Woocommerce: from n/a through 1.2. | |||||
| CVE-2025-47446 | 2025-05-07 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in listamester Listamester allows Cross Site Request Forgery. This issue affects Listamester: from n/a through 2.3.6. | |||||
| CVE-2025-47447 | 2025-05-07 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Hossni Mubarak Cool Author Box allows Cross Site Request Forgery. This issue affects Cool Author Box: from n/a through 3.0.0. | |||||
| CVE-2025-47448 | 2025-05-07 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel Booking allows Cross Site Request Forgery. This issue affects WP Hotel Booking: from n/a through 2.1.9. | |||||
| CVE-2024-20281 | 1 Cisco | 4 Nexus Dashboard, Nexus Dashboard Fabric Controller, Nexus Dashboard Insights and 1 more | 2025-05-07 | N/A | 8.8 HIGH |
| A vulnerability in the web-based management interface of Cisco Nexus Dashboard and Cisco Nexus Dashboard hosted services could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected system. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. If the affected user has administrative privileges, these actions could include modifying the system configuration and creating new privileged accounts. Note: There are internal security mechanisms in place that limit the scope of this exploit, reducing the Security Impact Rating of this vulnerability. | |||||
| CVE-2015-9307 | 1 Weplugins | 1 Wp Maps | 2025-05-07 | 6.8 MEDIUM | 8.8 HIGH |
| The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit location feature. | |||||
| CVE-2015-9309 | 1 Weplugins | 1 Wp Maps | 2025-05-07 | 6.8 MEDIUM | 8.8 HIGH |
| The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit category feature. | |||||
| CVE-2022-25600 | 2 Fedoraproject, Weplugins | 2 Fedora, Wp Maps | 2025-05-07 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability affecting Delete Marker Category, Delete Map, and Copy Map functions in WP Google Map plugin (versions <= 4.2.3). | |||||
| CVE-2023-28172 | 1 Weplugins | 1 Wp Maps | 2025-05-07 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in flippercode WordPress Plugin for Google Maps – WP MAPS (formerly WP Google Map Plugin) plugin <= 4.4.2 versions. | |||||
| CVE-2015-9308 | 1 Weplugins | 1 Wp Maps | 2025-05-07 | 6.8 MEDIUM | 8.8 HIGH |
| The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit map feature. | |||||
| CVE-2023-6499 | 1 Calenfretts | 1 Lastunes | 2025-05-06 | N/A | 5.4 MEDIUM |
| The lasTunes WordPress plugin through 3.6.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack | |||||
| CVE-2022-40291 | 1 Phppointofsale | 1 Php Point Of Sale | 2025-05-06 | N/A | 8.8 HIGH |
| The application was vulnerable to Cross-Site Request Forgery (CSRF) attacks, allowing an attacker to coerce users into sending malicious requests to the site to delete their account, or in rare circumstances, hijack their account and create other admin accounts. | |||||
| CVE-2024-13118 | 1 Brijeshk89 | 1 Ip Based Login | 2025-05-06 | N/A | N/A |
| The IP Based Login WordPress plugin before 2.4.1 does not have CSRF checks in some places, which could allow attackers to make logged in users delete all logs via a CSRF attack | |||||
| CVE-2022-40488 | 1 Processwire | 1 Processwire | 2025-05-06 | N/A | 6.5 MEDIUM |
| ProcessWire v3.0.200 was discovered to contain a Cross-Site Request Forgery (CSRF). | |||||
| CVE-2024-25904 | 1 Blackbam | 1 Tinymce And Tinymce Advanced Professsional Formats And Styles | 2025-05-06 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in David Stockl TinyMCE and TinyMCE Advanced Professsional Formats and Styles.This issue affects TinyMCE and TinyMCE Advanced Professsional Formats and Styles: from n/a through 1.1.2. | |||||