Total
8578 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-31840 | 2025-04-01 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in digireturn Simple Fixed Notice allows Cross Site Request Forgery. This issue affects Simple Fixed Notice: from n/a through 1.6. | ||||
| CVE-2025-31908 | 2025-04-01 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Sami Ahmed Siddiqui JSON Structuring Markup allows Stored XSS. This issue affects JSON Structuring Markup: from n/a through 0.1. | ||||
| CVE-2025-31904 | 2025-04-01 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Infoway LLC Ebook Downloader allows Cross Site Request Forgery. This issue affects Ebook Downloader: from n/a through 1.0. | ||||
| CVE-2025-31807 | 2025-04-01 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in CloudRedux Product Notices for WooCommerce allows Cross Site Request Forgery. This issue affects Product Notices for WooCommerce: from n/a through 1.3.3. | ||||
| CVE-2025-31808 | 2025-04-01 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in IT Path Solutions SCSS WP Editor allows Cross Site Request Forgery. This issue affects SCSS WP Editor: from n/a through 1.1.8. | ||||
| CVE-2025-31809 | 2025-04-01 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Labinator Labinator Content Types Duplicator allows Cross Site Request Forgery. This issue affects Labinator Content Types Duplicator: from n/a through 1.1.3. | ||||
| CVE-2025-31888 | 2025-04-01 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WPExperts.io WP Multistore Locator allows Cross Site Request Forgery. This issue affects WP Multistore Locator: from n/a through 2.5.2. | ||||
| CVE-2025-31839 | 2025-04-01 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in digireturn DN Footer Contacts allows Cross Site Request Forgery. This issue affects DN Footer Contacts: from n/a through 1.8. | ||||
| CVE-2025-31852 | 2025-04-01 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in N-Media Bulk Product Sync allows Cross Site Request Forgery. This issue affects Bulk Product Sync: from n/a through 8.6. | ||||
| CVE-2024-30946 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 5.5 Medium |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/co_do.php. | ||||
| CVE-2024-30965 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 8.8 High |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/member_scores.php. | ||||
| CVE-2024-29684 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 9.8 Critical |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /src/dede/makehtml_homepage.php allowing a remote attacker to execute arbitrary code. | ||||
| CVE-2024-1231 | 1 Cminds | 1 Cm Download Manager | 2025-04-01 | 6.8 Medium |
| The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins unpublish downloads via a CSRF attack | ||||
| CVE-2024-1232 | 1 Cminds | 1 Cm Download Manager | 2025-04-01 | 4.8 Medium |
| The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete downloads via a CSRF attack | ||||
| CVE-2024-1962 | 1 Cminds | 1 Cm Download Manager | 2025-04-01 | 8.8 High |
| The CM Download Manager WordPress plugin before 2.9.1 does not have CSRF checks in some places, which could allow attackers to make logged in admins edit downloads via a CSRF attack | ||||
| CVE-2025-30565 | 2025-04-01 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in karrikas banner-manager allows Stored XSS. This issue affects banner-manager: from n/a through 16.04.19. | ||||
| CVE-2024-24702 | 1 Sivel | 1 Pagerestrict | 2025-04-01 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Matt Martz & Andy Stratton Page Restrict.This issue affects Page Restrict: from n/a through 2.5.5. | ||||
| CVE-2023-51683 | 1 Wpplugin | 1 Easy Paypal \& Stripe Buy Now Button | 2025-04-01 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Easy PayPal & Stripe Buy Now Button.This issue affects Easy PayPal & Stripe Buy Now Button: from n/a through 1.8.1. | ||||
| CVE-2023-52223 | 1 Mailerlite | 1 Mailerlite | 2025-04-01 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in MailerLite MailerLite – WooCommerce integration.This issue affects MailerLite – WooCommerce integration: from n/a through 2.0.8. | ||||
| CVE-2024-25931 | 1 Heureka | 1 Heureka | 2025-04-01 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Heureka Group Heureka.This issue affects Heureka: from n/a through 1.0.8. | ||||