Vulnerabilities (CVE)

Filtered by CWE-352
Total 7746 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-32546 2025-04-17 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in gtlwpdev All push notification for WP allows Reflected XSS. This issue affects All push notification for WP: from n/a through 1.5.3.
CVE-2025-39441 2025-04-17 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in swedish boy Dashboard Notepads allows Stored XSS. This issue affects Dashboard Notepads: from n/a through 1.2.1.
CVE-2025-32606 2025-04-17 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Deepak Khokhar Listings for Buildium allows Stored XSS. This issue affects Listings for Buildium: from n/a through 0.1.4.
CVE-2025-32545 2025-04-17 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in SOFTAGON WooCommerce Products without featured images allows Reflected XSS. This issue affects WooCommerce Products without featured images: from n/a through 0.1.
CVE-2025-39415 2025-04-17 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Jayesh Parejiya Social Media Links allows Stored XSS. This issue affects Social Media Links: from n/a through 1.0.3.
CVE-2025-39424 2025-04-17 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in simplemaps Simple Maps allows Stored XSS. This issue affects Simple Maps: from n/a through 0.98.
CVE-2025-39422 2025-04-17 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in PResponsive WP Social Bookmarking allows Stored XSS. This issue affects WP Social Bookmarking: from n/a through 3.6.
CVE-2025-39417 2025-04-17 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Eslam Mahmoud Redirect wordpress to welcome or landing page allows Stored XSS. This issue affects Redirect wordpress to welcome or landing page: from n/a through 2.0.
CVE-2025-39455 2025-04-17 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in ip2location IP2Location Variables allows Reflected XSS. This issue affects IP2Location Variables: from n/a through 2.9.5.
CVE-2025-39431 2025-04-17 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Aaron Forgue Amazon Showcase WordPress Plugin allows Stored XSS. This issue affects Amazon Showcase WordPress Plugin: from n/a through 2.2.
CVE-2025-39437 2025-04-17 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Boone Gorges Anthologize allows Cross Site Request Forgery. This issue affects Anthologize: from n/a through 0.8.3.
CVE-2025-39419 2025-04-17 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in David Miller Revision Diet allows Stored XSS. This issue affects Revision Diet: from n/a through 1.0.1.
CVE-2025-39416 2025-04-17 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Ichi translit it! allows Stored XSS. This issue affects translit it!: from n/a through 1.6.
CVE-2025-39438 2025-04-17 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in momen2009 Theme Changer allows Cross Site Request Forgery. This issue affects Theme Changer: from n/a through 1.3.
CVE-2025-32655 2025-04-17 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in DevriX Restrict User Registration allows Stored XSS. This issue affects Restrict User Registration: from n/a through 1.0.1.
CVE-2025-39421 2025-04-17 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Mustafa KUCUK WP Sticky Side Buttons allows Stored XSS. This issue affects WP Sticky Side Buttons: from n/a through 2.1.
CVE-2025-39425 2025-04-17 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in pixelgrade Style Manager allows Cross Site Request Forgery. This issue affects Style Manager: from n/a through 2.2.7.
CVE-2025-39426 2025-04-17 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in illow illow – Cookies Consent allows Cross Site Request Forgery. This issue affects illow – Cookies Consent: from n/a through 0.2.0.
CVE-2025-39433 2025-04-17 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in beke_ro Bknewsticker allows Stored XSS. This issue affects Bknewsticker: from n/a through 1.0.5.
CVE-2025-39440 2025-04-17 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Rajesh Broken Links Remover allows Stored XSS. This issue affects Broken Links Remover: from n/a through 1.2.2.