Total
7510 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-48342 | 2025-05-21 | N/A | 5.4 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in RedefiningTheWeb Dynamic Pricing & Discounts Lite for WooCommerce allows Cross Site Request Forgery. This issue affects Dynamic Pricing & Discounts Lite for WooCommerce: from n/a through 2.0.3. | |||||
| CVE-2025-48264 | 2025-05-21 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in artiosmedia Product Code for WooCommerce allows Cross Site Request Forgery. This issue affects Product Code for WooCommerce: from n/a through 1.5.0. | |||||
| CVE-2025-48259 | 2025-05-21 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Juan Carlos WP Mapa Politico España allows Cross Site Request Forgery. This issue affects WP Mapa Politico España: from n/a through 3.8.0. | |||||
| CVE-2025-48284 | 2025-05-21 | N/A | 5.4 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in shohei.tanaka Japanized For WooCommerce allows Cross Site Request Forgery. This issue affects Japanized For WooCommerce: from n/a through 2.6.40. | |||||
| CVE-2025-48344 | 2025-05-21 | N/A | 5.4 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ed4becky Rootspersona allows Cross Site Request Forgery. This issue affects Rootspersona: from n/a through 3.7.5. | |||||
| CVE-2025-48265 | 2025-05-21 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Pektsekye Year Make Model Search for WooCommerce allows Cross Site Request Forgery. This issue affects Year Make Model Search for WooCommerce: from n/a through 1.0.11. | |||||
| CVE-2025-48255 | 2025-05-21 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in videowhisper Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP allows Cross Site Request Forgery. This issue affects Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP: from n/a through 6.2.4. | |||||
| CVE-2025-48233 | 2025-05-21 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in affmngr Affiliates Manager Google reCAPTCHA Integration allows Stored XSS. This issue affects Affiliates Manager Google reCAPTCHA Integration: from n/a through 1.0.6. | |||||
| CVE-2025-48238 | 2025-05-21 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in awcode AWcode Toolkit allows Stored XSS. This issue affects AWcode Toolkit: from n/a through 1.0.18. | |||||
| CVE-2025-48285 | 2025-05-21 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in sbouey Falang multilanguage allows Cross Site Request Forgery. This issue affects Falang multilanguage: from n/a through 1.3.61. | |||||
| CVE-2025-48243 | 2025-05-21 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi reCAPTCHA for all allows Cross Site Request Forgery. This issue affects reCAPTCHA for all: from n/a through 2.26. | |||||
| CVE-2025-39371 | 2025-05-21 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Sanjeev Mohindra Author Box Plugin With Different Description allows Cross Site Request Forgery.This issue affects Author Box Plugin With Different Description: from n/a through 1.3.5. | |||||
| CVE-2025-43835 | 2025-05-21 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ktsvetkov allows Cross Site Request Forgery.This issue affects wp-cyr-cho: from n/a through 0.1. | |||||
| CVE-2025-39375 | 2025-05-21 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Ashok G Easy Child Theme Creator allows Cross Site Request Forgery.This issue affects Easy Child Theme Creator: from n/a through 1.3.1. | |||||
| CVE-2025-39351 | 2025-05-21 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Restaurant WordPress allows Cross Site Request Forgery.This issue affects Grand Restaurant WordPress: from n/a through 7.0. | |||||
| CVE-2025-47583 | 2025-05-21 | N/A | 5.4 MEDIUM | ||
| Unauthenticated Cross Site Request Forgery (CSRF) in Salon booking system <= 10.16 versions. | |||||
| CVE-2025-48340 | 2025-05-21 | N/A | 9.8 CRITICAL | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Danny Vink User Profile Meta Manager allows Privilege Escalation.This issue affects User Profile Meta Manager: from n/a through 1.02. | |||||
| CVE-2025-43840 | 2025-05-21 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Ref CheckBot allows Stored XSS.This issue affects CheckBot: from n/a through 1.05. | |||||
| CVE-2025-39374 | 2025-05-21 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in aseem1234 Best Posts Summary allows Stored XSS.This issue affects Best Posts Summary: from n/a through 1.0. | |||||
| CVE-2025-5033 | 2025-05-21 | 5.0 MEDIUM | 4.3 MEDIUM | ||
| A vulnerability classified as problematic was found in XiaoBingby TeaCMS 2.0.2. Affected by this vulnerability is an unknown functionality of the file src/main/java/me/teacms/controller/admin/UserManageController/addUser. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||