Total
7071 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-27311 | 2025-02-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in luk3thomas Bulk Content Creator allows Cross Site Request Forgery. This issue affects Bulk Content Creator: from n/a through 1.2.1. | ||||
| CVE-2025-27328 | 2025-02-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in queeez WP-PostRatings Cheater allows Cross Site Request Forgery. This issue affects WP-PostRatings Cheater: from n/a through 1.5. | ||||
| CVE-2025-27332 | 2025-02-24 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in gmnazmul Smart Maintenance & Countdown allows Stored XSS. This issue affects Smart Maintenance & Countdown: from n/a through 1.2. | ||||
| CVE-2025-27335 | 2025-02-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Free plug in by SEO Roma Auto Tag Links allows Cross Site Request Forgery. This issue affects Auto Tag Links: from n/a through 1.0.13. | ||||
| CVE-2025-27344 | 2025-02-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in filipstepanov Phee's LinkPreview allows Cross Site Request Forgery. This issue affects Phee's LinkPreview: from n/a through 1.6.7. | ||||
| CVE-2025-27276 | 2025-02-24 | 8.8 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in lizeipe Photo Gallery ( Responsive ) allows Privilege Escalation. This issue affects Photo Gallery ( Responsive ): from n/a through 4.0. | ||||
| CVE-2025-27357 | 2025-02-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Musa AVCI Önceki Yazı Link allows Cross Site Request Forgery. This issue affects Önceki Yazı Link: from n/a through 1.3. | ||||
| CVE-2025-27290 | 2025-02-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in seyyed-amir Erima Zarinpal Donate allows Cross Site Request Forgery. This issue affects Erima Zarinpal Donate: from n/a through 1.0. | ||||
| CVE-2025-27353 | 2025-02-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Bob Namaste! LMS allows Cross Site Request Forgery. This issue affects Namaste! LMS: from n/a through 2.6.5. | ||||
| CVE-2025-27355 | 2025-02-24 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Nicolas GRILLET Woocommerce – Loi Hamon allows Stored XSS. This issue affects Woocommerce – Loi Hamon: from n/a through 1.1.0. | ||||
| CVE-2025-27315 | 2025-02-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in wptom All-In-One Cufon allows Cross Site Request Forgery. This issue affects All-In-One Cufon: from n/a through 1.3.0. | ||||
| CVE-2025-27316 | 2025-02-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in hosting.io JPG, PNG Compression and Optimization allows Cross Site Request Forgery. This issue affects JPG, PNG Compression and Optimization: from n/a through 1.7.35. | ||||
| CVE-2025-27318 | 2025-02-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ixiter Simple Google Sitemap allows Cross Site Request Forgery. This issue affects Simple Google Sitemap: from n/a through 1.6. | ||||
| CVE-2025-27321 | 2025-02-24 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Blighty Blightly Explorer allows Stored XSS. This issue affects Blightly Explorer: from n/a through 2.3.0. | ||||
| CVE-2025-27342 | 2025-02-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in josesan WooCommerce Recargo de Equivalencia allows Cross Site Request Forgery. This issue affects WooCommerce Recargo de Equivalencia: from n/a through 1.6.24. | ||||
| CVE-2025-27340 | 2025-02-24 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Marc F12-Profiler allows Cross Site Request Forgery. This issue affects F12-Profiler: from n/a through 1.3.9. | ||||
| CVE-2025-27298 | 2025-02-24 | 8.3 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in cmstactics WP Video Posts allows OS Command Injection. This issue affects WP Video Posts: from n/a through 3.5.1. | ||||
| CVE-2024-13555 | 1 1clickmigration | 1 1 Click Migration | 2025-02-24 | 5.3 Medium |
| The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1. This is due to missing or incorrect nonce validation on the cancel_actions() function. This makes it possible for unauthenticated attackers to cancel a triggered backup via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2025-27012 | 2025-02-24 | 8.8 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in a1post A1POST.BG Shipping for Woo allows Privilege Escalation. This issue affects A1POST.BG Shipping for Woo: from n/a through 1.5.1. | ||||
| CVE-2024-13522 | 1 Magayo | 1 Magayo Lottery Results | 2025-02-24 | 6.1 Medium |
| The magayo Lottery Results plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.12. This is due to missing or incorrect nonce validation on the 'magayo-lottery-results' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||