ReportizFlow
Filtered by vendor
Subscriptions
Total
8111 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-54438 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in GAxx Gaxx Keywords allows Stored XSS.This issue affects Gaxx Keywords: from n/a through 0.2. | ||||
| CVE-2024-54432 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Shambhu Prasad Patnaik WP Flipkart Importer allows Stored XSS.This issue affects WP Flipkart Importer: from n/a through 1.4. | ||||
| CVE-2025-32477 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Jordi Salord WP-Easy Menu allows Stored XSS. This issue affects WP-Easy Menu: from n/a through 0.41. | ||||
| CVE-2024-12291 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 6.1 Medium |
| The ViewMedica 9 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.15. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2024-54226 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Karl Kiesinger Country Blocker allows Stored XSS.This issue affects Country Blocker: from n/a through 3.2. | ||||
| CVE-2024-38724 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF), Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Muhammad Rehman Contact Form 7 Summary and Print allows Stored XSS.This issue affects Contact Form 7 Summary and Print: from n/a through 1.2.5. | ||||
| CVE-2025-30632 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in pozzad Global Translator allows Cross Site Request Forgery. This issue affects Global Translator: from n/a through 2.0.2. | ||||
| CVE-2025-23978 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Ninos Ego FlashCounter allows Stored XSS. This issue affects FlashCounter: from n/a through 1.1.8. | ||||
| CVE-2025-32505 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in SCAND MultiMailer allows Stored XSS. This issue affects MultiMailer: from n/a through 1.0.3. | ||||
| CVE-2025-28925 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Hieu Nguyen WATI Chat and Notification allows Stored XSS. This issue affects WATI Chat and Notification: from n/a through 1.1.2. | ||||
| CVE-2025-31906 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in ProfitShare.ro WP Profitshare allows Stored XSS. This issue affects WP Profitshare: from n/a through 1.4.9. | ||||
| CVE-2024-12557 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 6.1 Medium |
| The Transporters.io plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.84. This is due to missing nonce validation on a function. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2024-51640 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Matt Rude MDR Webmaster Tools allows Stored XSS.This issue affects MDR Webmaster Tools: from n/a through 1.1. | ||||
| CVE-2025-23675 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in SandyIN Import Users to MailChimp allows Stored XSS.This issue affects Import Users to MailChimp: from n/a through 1.0. | ||||
| CVE-2025-32485 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Bjoern WP Performance Pack allows Cross Site Request Forgery. This issue affects WP Performance Pack: from n/a through 2.5.4. | ||||
| CVE-2024-37511 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in SWTE Swift Performance Lite allows Cross Site Request Forgery.This issue affects Swift Performance Lite: from n/a through 2.3.6.20. | ||||
| CVE-2023-41686 | 2 Ilghera, Wordpress | 2 Woocommerce Support System, Wordpress | 2025-07-13 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ilGhera Woocommerce Support System allows Cross Site Request Forgery.This issue affects Woocommerce Support System: from n/a through 1.2.2. | ||||
| CVE-2025-22297 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in AIpost AI WP Writer allows Cross Site Request Forgery.This issue affects AI WP Writer: from n/a through 3.8.4.4. | ||||
| CVE-2025-23800 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in David Hamilton OrangeBox allows Cross Site Request Forgery.This issue affects OrangeBox: from n/a through 3.0.0. | ||||
| CVE-2024-37503 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Lawyer Landing Page allows Cross Site Request Forgery.This issue affects Lawyer Landing Page: from n/a through 1.2.4. | ||||