ReportizFlow
Filtered by vendor
Subscriptions
Total
8331 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-46492 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Pham Thanh Call Now PHT Blog allows Stored XSS. This issue affects Call Now PHT Blog: from n/a through 2.4.1. | ||||
| CVE-2025-31401 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in mmetrodw MMX – Make Me Christmas allows Stored XSS. This issue affects MMX – Make Me Christmas: from n/a through 1.0.0. | ||||
| CVE-2024-56012 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 9.8 Critical |
| Cross-Site Request Forgery (CSRF) vulnerability in Pearlbells Flash News / Post (Responsive), Pearlbells Post Title (TypeWriter) allows Privilege Escalation.This issue affects Flash News / Post (Responsive): from n/a through 4.1; Post Title (TypeWriter): from n/a through 4.1. | ||||
| CVE-2024-37451 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Travel Agency allows Cross Site Request Forgery.This issue affects Travel Agency: from n/a through 1.4.9. | ||||
| CVE-2025-23573 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Sam Burdge WP Background Tile allows Stored XSS.This issue affects WP Background Tile: from n/a through 1.0. | ||||
| CVE-2024-54439 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Alok Tiwari Amazon Product Price allows Stored XSS.This issue affects Amazon Product Price: from n/a through 1.1. | ||||
| CVE-2024-53726 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Realty Candy RealtyCandy IDX Broker Extended allows Stored XSS.This issue affects RealtyCandy IDX Broker Extended: from n/a through 1.5.1. | ||||
| CVE-2024-41987 | 1 Tem | 1 Opera Plus Fm Family Transmitter | 2025-07-13 | N/A |
| The TEM Opera Plus FM Family Transmitter application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. | ||||
| CVE-2025-39441 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in swedish boy Dashboard Notepads allows Stored XSS. This issue affects Dashboard Notepads: from n/a through 1.2.1. | ||||
| CVE-2024-54434 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Phoetry phZoom allows Stored XSS.This issue affects phZoom: from n/a through 1.2.92. | ||||
| CVE-2025-46442 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Casey Johnson Loan Calculator allows Stored XSS. This issue affects Loan Calculator: from n/a through 1.3. | ||||
| CVE-2025-32249 | 2 Designinvento, Wordpress | 2 Directorypress, Wordpress | 2025-07-12 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in designinvento DirectoryPress allows Cross Site Request Forgery. This issue affects DirectoryPress: from n/a through 3.6.19. | ||||
| CVE-2025-32610 | 2 Foliovision, Wordpress | 2 Foliopress Wysiwyg, Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Foliovision: Making the web work for you Foliopress WYSIWYG allows Cross Site Request Forgery. This issue affects Foliopress WYSIWYG: from n/a through 2.6.18. | ||||
| CVE-2025-49453 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Jatinder Pal Singh BP Profile as Homepage allows Stored XSS. This issue affects BP Profile as Homepage: from n/a through 1.1. | ||||
| CVE-2024-37448 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in FameThemes OnePress allows Cross Site Request Forgery.This issue affects OnePress: from n/a through 2.3.6. | ||||
| CVE-2025-23922 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 10 Critical |
| Cross-Site Request Forgery (CSRF) vulnerability in Harsh iSpring Embedder allows Upload a Web Shell to a Web Server.This issue affects iSpring Embedder: from n/a through 1.0. | ||||
| CVE-2025-30811 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Javier Revilla ValidateCertify allows Cross Site Request Forgery. This issue affects ValidateCertify: from n/a through 1.6.1. | ||||
| CVE-2025-31383 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in FrescoChat Live Chat allows Stored XSS. This issue affects FrescoChat Live Chat: from n/a through 3.2.6. | ||||
| CVE-2024-51650 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Scott @ MyDollarPlan.com Random Featured Post allows Stored XSS.This issue affects Random Featured Post: from n/a through 1.1.3. | ||||
| CVE-2025-31449 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in EricH The Visitor Counter allows Stored XSS. This issue affects The Visitor Counter: from n/a through 1.4.3. | ||||