Export limit exceeded: 344947 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9103 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-31038 | 2026-04-15 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Essential Marketer Essential Breadcrumbs essential-breadcrumbs allows Privilege Escalation.This issue affects Essential Breadcrumbs: from n/a through <= 1.1.1. | ||||
| CVE-2025-31036 | 2026-04-15 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WPSOLR WPSolr wpsolr-free allows Privilege Escalation.This issue affects WPSolr: from n/a through <= 24.0. | ||||
| CVE-2025-31005 | 2026-04-15 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Uzair Easyfonts easyfonts allows Cross Site Request Forgery.This issue affects Easyfonts: from n/a through <= 1.1.2. | ||||
| CVE-2024-12383 | 2026-04-15 | 6.1 Medium | ||
| The Binary MLM Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0. This is due to missing or incorrect nonce validation on the 'bmw_display_pv_set_page' function and insufficient input sanitization and output escaping of the 'product_points' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2025-30986 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in _CreativeMedia_ Elite Video Player elite-video-player allows Cross Site Request Forgery.This issue affects Elite Video Player: from n/a through <= 10.0.5. | ||||
| CVE-2025-30968 | 2026-04-15 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in jokerbr313 Advanced Post List advanced-post-list allows Cross Site Request Forgery.This issue affects Advanced Post List: from n/a through <= 0.5.6.2. | ||||
| CVE-2025-30888 | 2026-04-15 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in silverplugins217 Custom Fields Account Registration For Woocommerce custom-fields-account-registration-for-woocommerce allows Cross Site Request Forgery.This issue affects Custom Fields Account Registration For Woocommerce: from n/a through <= 1.1. | ||||
| CVE-2025-30769 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in alexvtn WIP WooCarousel Lite wip-woocarousel-lite allows Stored XSS.This issue affects WIP WooCarousel Lite: from n/a through <= 1.1.7. | ||||
| CVE-2025-30601 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in flipdish Flipdish Ordering System flipdish-ordering-system allows Cross Site Request Forgery.This issue affects Flipdish Ordering System: from n/a through <= 1.5.2. | ||||
| CVE-2025-30588 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in ryan_xantoo Map Contact map-contact allows Stored XSS.This issue affects Map Contact: from n/a through <= 3.0.4. | ||||
| CVE-2025-30587 | 2026-04-15 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in shawfactor LH OGP Meta lh-ogp-meta-tags allows Stored XSS.This issue affects LH OGP Meta: from n/a through <= 1.73. | ||||
| CVE-2025-30586 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in bbodine1 cTabs ctabs allows Stored XSS.This issue affects cTabs: from n/a through <= 1.3. | ||||
| CVE-2025-31390 | 2026-04-15 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in bdoga Social Crowd social-crowd allows Stored XSS.This issue affects Social Crowd: from n/a through <= 0.9.6.1. | ||||
| CVE-2025-30572 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Igor Yavych Simple Rating simple-rating allows Stored XSS.This issue affects Simple Rating: from n/a through <= 1.4. | ||||
| CVE-2024-44028 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in nicejob NiceJob nicejob allows Stored XSS.This issue affects NiceJob: from n/a through < 3.6.5. | ||||
| CVE-2025-58250 | 2 Apustheme, Wordpress | 2 Findgo, Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in ApusTheme Findgo fingo allows Authentication Bypass.This issue affects Findgo: from n/a through <= 1.3.55. | ||||
| CVE-2025-28954 | 2026-04-15 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in wphobby Backwp backwp allows Path Traversal.This issue affects Backwp: from n/a through <= 2.0.2. | ||||
| CVE-2025-28950 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in David Shabtai Post Author post-author allows Stored XSS.This issue affects Post Author: from n/a through <= 1.1.1. | ||||
| CVE-2025-28941 | 2026-04-15 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ohtan Spam Byebye spam-byebye allows Cross Site Request Forgery.This issue affects Spam Byebye: from n/a through <= 2.2.4. | ||||
| CVE-2024-12322 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 8.8 High |
| The ThePerfectWedding.nl Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8. This is due to missing or incorrect nonce validation on the 'update_option' function. This makes it possible for unauthenticated attackers to update the 'tpwKey' option with stored cross-site scripting via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||