ReportizFlow
Filtered by vendor
Subscriptions
Total
8349 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-31723 | 1 Jenkins | 1 Simple Queue | 2025-04-17 | 4.3 Medium |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Simple Queue Plugin 1.4.6 and earlier allows attackers to change and reset the build queue order. | ||||
| CVE-2025-1762 | 1 Vollstart | 1 Event Tickets With Ticket Scanner | 2025-04-17 | 4.3 Medium |
| The Event Tickets with Ticket Scanner WordPress plugin before 2.5.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | ||||
| CVE-2024-55088 | 1 Getsimple-ce | 1 Getsimple Cms | 2025-04-17 | 8.8 High |
| GetSimple CMS CE 3.3.19 is vulnerable to Server-Side Request Forgery (SSRF) in the backend plugin module. | ||||
| CVE-2024-27694 | 1 Flycms Project | 1 Flycms | 2025-04-16 | 7.4 High |
| FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the /system/share/ztree_category_edit. | ||||
| CVE-2021-32929 | 1 Uffizio | 1 Gps Tracker | 2025-04-16 | 4.3 Medium |
| All versions of Uffizio GPS Tracker may allow an attacker to perform unintended actions on behalf of a user. | ||||
| CVE-2021-43937 | 1 Smartptt | 1 Scada Server | 2025-04-16 | 7.6 High |
| Elcomplus SmartPTT SCADA Server web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. | ||||
| CVE-2023-4628 | 1 Ladipage | 1 Ladipage | 2025-04-16 | 4.3 Medium |
| The LadiApp plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the ladiflow_save_hook() function in versions up to, and including, 4.4. This makes it possible for unauthenticated attackers to update the 'ladiflow_hook_configs' option via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2025-26903 | 2025-04-16 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in RealMag777 InPost Gallery allows Cross Site Request Forgery. This issue affects InPost Gallery: from n/a through 2.1.4.3. | ||||
| CVE-2025-39563 | 2025-04-16 | 6.5 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WP Trio Conditional Payments for WooCommerce allows Cross Site Request Forgery. This issue affects Conditional Payments for WooCommerce: from n/a through 3.3.0. | ||||
| CVE-2025-30967 | 2025-04-16 | 9.6 Critical | ||
| Cross-Site Request Forgery (CSRF) vulnerability in NotFound WPJobBoard allows Upload a Web Shell to a Web Server. This issue affects WPJobBoard: from n/a through n/a. | ||||
| CVE-2025-39600 | 2025-04-16 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for WooCommerce and QuickBooks allows Cross Site Request Forgery. This issue affects Integration for WooCommerce and QuickBooks: from n/a through 1.3.1. | ||||
| CVE-2025-39547 | 2025-04-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Internal Link Optimiser allows Stored XSS. This issue affects Internal Link Optimiser: from n/a through 5.1.3. | ||||
| CVE-2025-39546 | 2025-04-16 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in quomodosoft ElementsReady Addons for Elementor allows Cross Site Request Forgery. This issue affects ElementsReady Addons for Elementor: from n/a through 6.6.2. | ||||
| CVE-2025-39544 | 2025-04-16 | 7.4 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi WP Tools allows Path Traversal. This issue affects WP Tools: from n/a through 5.18. | ||||
| CVE-2025-39548 | 2025-04-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Right Click Disable OR Ban allows Stored XSS. This issue affects Right Click Disable OR Ban: from n/a through 1.1.17. | ||||
| CVE-2025-39517 | 2025-04-16 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WP Map Plugins Basic Interactive World Map allows Cross Site Request Forgery. This issue affects Basic Interactive World Map: from n/a through 2.7. | ||||
| CVE-2025-39530 | 2025-04-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in dsky Site Search 360 allows Stored XSS. This issue affects Site Search 360: from n/a through 2.1.7. | ||||
| CVE-2023-51525 | 1 Wpsimplebookingcalendar | 1 Wp Simple Booking Calendar | 2025-04-16 | 5.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Veribo, Roland Murg WP Simple Booking Calendar.This issue affects WP Simple Booking Calendar: from n/a through 2.0.8.4. | ||||
| CVE-2024-30482 | 1 B-website | 1 Simple Revisions Delete | 2025-04-16 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Brice CAPOBIANCO Simple Revisions Delete.This issue affects Simple Revisions Delete: from n/a through 1.5.3. | ||||
| CVE-2025-25379 | 1 07fly | 1 07flycms | 2025-04-15 | 9.6 Critical |
| Cross Site Request Forgery vulnerability in 07FLYCMS v.1.3.9 allows a remote attacker to execute arbitrary code via the id parameter of the del.html component. | ||||