Total
7225 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-27339 | 2025-02-24 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Will Anderson Minimum Password Strength allows Cross Site Request Forgery. This issue affects Minimum Password Strength: from n/a through 1.2.0. | |||||
| CVE-2025-27317 | 2025-02-24 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in IT-RAYS RAYS Grid allows Cross Site Request Forgery. This issue affects RAYS Grid: from n/a through 1.3.1. | |||||
| CVE-2025-27298 | 2025-02-24 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in cmstactics WP Video Posts allows OS Command Injection. This issue affects WP Video Posts: from n/a through 3.5.1. | |||||
| CVE-2025-27277 | 2025-02-24 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in tiefpunkt Add Linked Images To Gallery allows Cross Site Request Forgery. This issue affects Add Linked Images To Gallery: from n/a through 1.4. | |||||
| CVE-2025-27357 | 2025-02-24 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Musa AVCI Önceki Yazi Link allows Cross Site Request Forgery. This issue affects Önceki Yazi Link: from n/a through 1.3. | |||||
| CVE-2025-27318 | 2025-02-24 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ixiter Simple Google Sitemap allows Cross Site Request Forgery. This issue affects Simple Google Sitemap: from n/a through 1.6. | |||||
| CVE-2025-27342 | 2025-02-24 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in josesan WooCommerce Recargo de Equivalencia allows Cross Site Request Forgery. This issue affects WooCommerce Recargo de Equivalencia: from n/a through 1.6.24. | |||||
| CVE-2025-27321 | 2025-02-24 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Blighty Blightly Explorer allows Stored XSS. This issue affects Blightly Explorer: from n/a through 2.3.0. | |||||
| CVE-2025-27353 | 2025-02-24 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Bob Namaste! LMS allows Cross Site Request Forgery. This issue affects Namaste! LMS: from n/a through 2.6.5. | |||||
| CVE-2025-27336 | 2025-02-24 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Alex Prokopenko / JustCoded Just Variables allows Cross Site Request Forgery. This issue affects Just Variables: from n/a through 1.2.3. | |||||
| CVE-2025-27315 | 2025-02-24 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in wptom All-In-One Cufon allows Cross Site Request Forgery. This issue affects All-In-One Cufon: from n/a through 1.3.0. | |||||
| CVE-2025-27328 | 2025-02-24 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in queeez WP-PostRatings Cheater allows Cross Site Request Forgery. This issue affects WP-PostRatings Cheater: from n/a through 1.5. | |||||
| CVE-2025-27276 | 2025-02-24 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in lizeipe Photo Gallery ( Responsive ) allows Privilege Escalation. This issue affects Photo Gallery ( Responsive ): from n/a through 4.0. | |||||
| CVE-2025-27355 | 2025-02-24 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Nicolas GRILLET Woocommerce – Loi Hamon allows Stored XSS. This issue affects Woocommerce – Loi Hamon: from n/a through 1.1.0. | |||||
| CVE-2025-27335 | 2025-02-24 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Free plug in by SEO Roma Auto Tag Links allows Cross Site Request Forgery. This issue affects Auto Tag Links: from n/a through 1.0.13. | |||||
| CVE-2025-27344 | 2025-02-24 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in filipstepanov Phee's LinkPreview allows Cross Site Request Forgery. This issue affects Phee's LinkPreview: from n/a through 1.6.7. | |||||
| CVE-2025-27311 | 2025-02-24 | N/A | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in luk3thomas Bulk Content Creator allows Cross Site Request Forgery. This issue affects Bulk Content Creator: from n/a through 1.2.1. | |||||
| CVE-2024-13555 | 1 1clickmigration | 1 1 Click Migration | 2025-02-24 | N/A | 4.3 MEDIUM |
| The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1. This is due to missing or incorrect nonce validation on the cancel_actions() function. This makes it possible for unauthenticated attackers to cancel a triggered backup via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | |||||
| CVE-2024-13522 | 1 Magayo | 1 Magayo Lottery Results | 2025-02-24 | N/A | 5.4 MEDIUM |
| The magayo Lottery Results plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.12. This is due to missing or incorrect nonce validation on the 'magayo-lottery-results' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | |||||
| CVE-2024-10581 | 1 Designinvento | 1 Directorypress | 2025-02-24 | N/A | 4.3 MEDIUM |
| The DirectoryPress Frontend plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.9. This is due to missing or incorrect nonce validation on the dpfl_listingStatusChange() function. This makes it possible for unauthenticated attackers to update listing statuses via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | |||||