ReportizFlow
Filtered by vendor
Subscriptions
Total
8097 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-53776 | 1 Wordpress | 1 Wordpress | 2025-07-14 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Raphael Heide Donate Me allows Stored XSS.This issue affects Donate Me: from n/a through 1.2.5. | ||||
| CVE-2025-23713 | 1 Wordpress | 1 Wordpress | 2025-07-14 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Artem Anikeev Hack me if you can allows Stored XSS.This issue affects Hack me if you can: from n/a through 1.2. | ||||
| CVE-2024-54332 | 1 Wordpress | 1 Wordpress | 2025-07-14 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in WPFactory WP Currency Exchange Rates allows Stored XSS.This issue affects WP Currency Exchange Rates: from n/a through 1.2.0. | ||||
| CVE-2025-30531 | 1 Wordpress | 1 Wordpress | 2025-07-14 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in GBS Developer WP Ride Booking allows Cross Site Request Forgery. This issue affects WP Ride Booking: from n/a through 2.4. | ||||
| CVE-2024-51634 | 1 Wordpress | 1 Wordpress | 2025-07-14 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Webriti WordPress Themes & Plugins Shop Webriti Custom Login allows Reflected XSS.This issue affects Webriti Custom Login: from n/a through 0.3. | ||||
| CVE-2025-30617 | 1 Wordpress | 1 Wordpress | 2025-07-14 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in takien Rewrite allows Cross Site Request Forgery. This issue affects Rewrite: from n/a through 0.2.1. | ||||
| CVE-2024-37467 | 1 Wordpress | 1 Wordpress | 2025-07-14 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeIsle Hestia allows Cross Site Request Forgery.This issue affects Hestia: from n/a through 3.1.2. | ||||
| CVE-2025-23900 | 1 Wordpress | 1 Wordpress | 2025-07-14 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Genkisan Genki Announcement allows Cross Site Request Forgery.This issue affects Genki Announcement: from n/a through 1.4.1. | ||||
| CVE-2025-23875 | 1 Wordpress | 1 Wordpress | 2025-07-14 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Tim Ridgway Better Protected Pages allows Stored XSS.This issue affects Better Protected Pages: from n/a through 1.0. | ||||
| CVE-2025-31779 | 1 Wordpress | 1 Wordpress | 2025-07-14 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Jonathan Daggerhart Query Wrangler allows Cross Site Request Forgery. This issue affects Query Wrangler: from n/a through 1.5.53. | ||||
| CVE-2025-30585 | 1 Wordpress | 1 Wordpress | 2025-07-14 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in marynixie Generate Post Thumbnails allows Cross Site Request Forgery. This issue affects Generate Post Thumbnails: from n/a through 0.8. | ||||
| CVE-2024-53725 | 1 Wordpress | 1 Wordpress | 2025-07-14 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Script-Recipes Post Hits Counter allows Reflected XSS.This issue affects Post Hits Counter: from n/a through 2.8.23. | ||||
| CVE-2024-11416 | 1 Wordpress | 1 Wordpress | 2025-07-14 | 6.1 Medium |
| The WIP Incoming Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the save_option() function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2024-54415 | 1 Wordpress | 1 Wordpress | 2025-07-14 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Cyle Conoly WP-HideThat allows Stored XSS.This issue affects WP-HideThat: from n/a through 1.2. | ||||
| CVE-2024-13510 | 2 Shopsite, Wordpress | 2 Shopsite, Wordpress | 2025-07-14 | 6.1 Medium |
| The ShopSite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.10. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2025-32555 | 1 Wordpress | 1 Wordpress | 2025-07-14 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Edamam SEO, Nutrition and Print for Recipes by Edamam allows Stored XSS. This issue affects SEO, Nutrition and Print for Recipes by Edamam: from n/a through 3.3. | ||||
| CVE-2024-34809 | 1 Wordpress | 1 Wordpress | 2025-07-14 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes EmpowerWP.This issue affects EmpowerWP: from n/a through 1.0.21. | ||||
| CVE-2025-23463 | 1 Wordpress | 1 Wordpress | 2025-07-14 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Mukesh Dak MD Custom content after or before of post allows Stored XSS.This issue affects MD Custom content after or before of post: from n/a through 1.0. | ||||
| CVE-2025-23567 | 1 Wordpress | 1 Wordpress | 2025-07-14 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Intuitive Design GDReseller allows Stored XSS.This issue affects GDReseller: from n/a through 1.6. | ||||
| CVE-2025-31623 | 1 Wordpress | 1 Wordpress | 2025-07-14 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in richtexteditor Rich Text Editor allows Stored XSS. This issue affects Rich Text Editor: from n/a through 1.0.1. | ||||