Total
7225 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-31457 | 2025-03-28 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Aurélien LWS LWS SMS allows Cross Site Request Forgery. This issue affects LWS SMS: from n/a through 2.4.1. | |||||
| CVE-2025-31439 | 2025-03-28 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in tobias_.MerZ Browser Caching with .htaccess allows Cross Site Request Forgery. This issue affects Browser Caching with .htaccess: from 1.2.1 through n/a. | |||||
| CVE-2025-31443 | 2025-03-28 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Krzysztof Furtak KK I Like It allows Stored XSS. This issue affects KK I Like It: from n/a through 1.7.5.3. | |||||
| CVE-2025-31458 | 2025-03-28 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in forsgren Video Embedder allows Stored XSS. This issue affects Video Embedder: from n/a through 1.7.1. | |||||
| CVE-2025-31079 | 2025-03-28 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in usermaven Usermaven allows Cross Site Request Forgery. This issue affects Usermaven: from n/a through 1.2.1. | |||||
| CVE-2025-2863 | 2025-03-28 | N/A | N/A | ||
| Cross-site request forgery (CSRF) vulnerability in the web application of saTECH BCU firmware version 2.1.3, which could allow an unauthenticated local attacker to exploit active administrator sessions and perform malicious actions. The malicious actions that can be executed by the attacker depend on the logged-in user, and may include rebooting the device or modifying roles and permissions. | |||||
| CVE-2025-31435 | 2025-03-28 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Efficient Scripts Microblog Poster allows Stored XSS. This issue affects Microblog Poster: from n/a through 2.1.6. | |||||
| CVE-2025-31444 | 2025-03-28 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in youtag ShowTime Slideshow allows Stored XSS. This issue affects ShowTime Slideshow: from n/a through 1.6. | |||||
| CVE-2022-38329 | 1 Shopxian | 1 Shopxian Cms | 2025-03-28 | N/A | 4.3 MEDIUM |
| A CSRF vulnerability in Shopxian CMS 3.0.0 could allow an unauthenticated, remote attacker to craft a malicious link, potentially causing the administrator to perform unintended actions on an affected system. The vulnerability could allow attackers to modify or delete specific content through crafted requests, potentially leading to data loss and system integrity issues. | |||||
| CVE-2022-4872 | 1 Chained Products Project | 1 Chained Products | 2025-03-27 | N/A | 4.3 MEDIUM |
| The Chained Products WordPress plugin before 2.12.0 does not have authorisation and CSRF checks, as well as does not ensure that the option to be updated belong to the plugin, allowing unauthenticated attackers to set arbitrary options to 'no' | |||||
| CVE-2025-22669 | 2025-03-27 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in AwesomeTOGI Awesome Event Booking allows Cross Site Request Forgery.This issue affects Awesome Event Booking: from n/a through 2.7.5. | |||||
| CVE-2025-22637 | 2025-03-27 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in verkkovaraani Print PDF Generator and Publisher allows Cross Site Request Forgery.This issue affects Print PDF Generator and Publisher: from n/a through 1.2.0. | |||||
| CVE-2025-22634 | 2025-03-27 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in MD Abu Jubayer Hossain Easy Booked – Appointment Booking and Scheduling Management System for WordPress allows Cross Site Request Forgery.This issue affects Easy Booked – Appointment Booking and Scheduling Management System for WordPress: from n/a through 2.4.5. | |||||
| CVE-2025-25086 | 2025-03-27 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WPDeveloper Secret Meta allows Reflected XSS.This issue affects Secret Meta: from n/a through 1.2.1. | |||||
| CVE-2025-22658 | 2025-03-27 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Deepak Khokhar Listings for Appfolio allows Stored XSS.This issue affects Listings for Appfolio: from n/a through 1.2.0. | |||||
| CVE-2025-25100 | 2025-03-27 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in victoracano Cazamba allows Reflected XSS.This issue affects Cazamba: from n/a through 1.2. | |||||
| CVE-2023-51512 | 1 Woobewoo | 1 Product Table | 2025-03-27 | N/A | 8.8 HIGH |
| Cross Site Request Forgery (CSRF) vulnerability in WBW Product Table by WBW.This issue affects Product Table by WBW: from n/a through 1.8.6. | |||||
| CVE-2023-20856 | 1 Vmware | 1 Vrealize Operations | 2025-03-27 | N/A | 8.8 HIGH |
| VMware vRealize Operations (vROps) contains a CSRF bypass vulnerability. A malicious user could execute actions on the vROps platform on behalf of the authenticated victim user. | |||||
| CVE-2025-30872 | 2025-03-27 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Nitin Prakash Product Author for WooCommerce allows Cross Site Request Forgery. This issue affects Product Author for WooCommerce: from n/a through 1.0.7. | |||||
| CVE-2025-30856 | 2025-03-27 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in theme funda Custom Field For WP Job Manager allows Cross Site Request Forgery. This issue affects Custom Field For WP Job Manager: from n/a through 1.4. | |||||