Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

CVEs (9,313)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-53274 - - Apr 23, 2026 Jun 27, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Hossin Asaadi WP Permalink Translator wp-permalink-translator allows Stored XSS.This issue affects WP Permalink Translator: from n/a through <= 1.7.6.
CVE-2025-53273 - - Apr 23, 2026 Jun 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Slickstream Slickstream slick-engagement allows Cross Site Request Forgery.This issue affects Slickstream: from n/a through <= 2.0.3.
CVE-2025-53272 - - Apr 23, 2026 Jun 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in opicron Image Cleanup image-cleanup allows Cross Site Request Forgery.This issue affects Image Cleanup: from n/a through <= 1.9.2.
CVE-2025-53271 - - Apr 23, 2026 Jun 27, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Anton Bond Additional Order Filters for WooCommerce additional-order-filters-for-woocommerce allows Stored XSS.This issue affects Additional Order Filters for WooCommerc...Show more Cross-Site Request Forgery (CSRF) vulnerability in Anton Bond Additional Order Filters for WooCommerce additional-order-filters-for-woocommerce allows Stored XSS.This issue affects Additional Order Filters for WooCommerce: from n/a through <= 1.22.Show less
CVE-2025-53270 - - Apr 23, 2026 Jun 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Blend Media WordPress CTA easy-sticky-sidebar allows Cross Site Request Forgery.This issue affects WordPress CTA: from n/a through <= 1.7.0.
CVE-2025-53269 - - Apr 23, 2026 Jun 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in imw3 My Wp Brand my-wp-brand allows Cross Site Request Forgery.This issue affects My Wp Brand: from n/a through <= 1.1.3.
CVE-2025-53268 - - Apr 23, 2026 Jun 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in ryanpcmcquen Import external attachments import-external-attachments allows Cross Site Request Forgery.This issue affects Import external attachments: from n/a through <...Show more Cross-Site Request Forgery (CSRF) vulnerability in ryanpcmcquen Import external attachments import-external-attachments allows Cross Site Request Forgery.This issue affects Import external attachments: from n/a through <= 1.5.12.Show less
CVE-2025-53267 - - Apr 23, 2026 Jun 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Aftab Husain Hide Admin Bar From Front End hide-admin-bar-from-front-end allows Cross Site Request Forgery.This issue affects Hide Admin Bar From Front End: from n/a thr...Show more Cross-Site Request Forgery (CSRF) vulnerability in Aftab Husain Hide Admin Bar From Front End hide-admin-bar-from-front-end allows Cross Site Request Forgery.This issue affects Hide Admin Bar From Front End: from n/a through <= 1.0.0.Show less
CVE-2025-53265 - - Apr 23, 2026 Jun 27, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Virusdie Virusdie virusdie allows Cross Site Request Forgery.This issue affects Virusdie: from n/a through <= 1.1.3.
CVE-2025-53264 - - Apr 23, 2026 Jun 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Konrád Koller ONet Regenerate Thumbnails onet-regenerate-thumbnails allows Cross Site Request Forgery.This issue affects ONet Regenerate Thumbnails: from n/a through <=...Show more Cross-Site Request Forgery (CSRF) vulnerability in Konrád Koller ONet Regenerate Thumbnails onet-regenerate-thumbnails allows Cross Site Request Forgery.This issue affects ONet Regenerate Thumbnails: from n/a through <= 1.5.Show less
CVE-2025-53263 - - Apr 23, 2026 Jun 27, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in PluginsCafe Address Autocomplete via Google for Gravity Forms gf-google-address-autocomplete allows Cross Site Request Forgery.This issue affects Address Autocomplete vi...Show more Cross-Site Request Forgery (CSRF) vulnerability in PluginsCafe Address Autocomplete via Google for Gravity Forms gf-google-address-autocomplete allows Cross Site Request Forgery.This issue affects Address Autocomplete via Google for Gravity Forms: from n/a through <= 1.3.4.Show less
CVE-2025-53262 - - Apr 23, 2026 Jun 27, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Writesonic Writesonic writesonic allows Cross Site Request Forgery.This issue affects Writesonic: from n/a through <= 1.0.5.
CVE-2025-53261 - - Apr 23, 2026 Jun 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in macbookandrew WP YouTube Live wp-youtube-live allows Cross Site Request Forgery.This issue affects WP YouTube Live: from n/a through <= 1.10.0.
CVE-2025-53254 - - Apr 23, 2026 Jun 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Cyrlitera cyrlitera allows Cross Site Request Forgery.This issue affects Cyrlitera: from n/a through <= 1.3.0.
CVE-2025-53203 - - Apr 23, 2026 Jun 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in EDGARROJAS WooCommerce PDF Invoice Builder woo-pdf-invoice-builder allows Cross Site Request Forgery.This issue affects WooCommerce PDF Invoice Builder: from n/a through...Show more Cross-Site Request Forgery (CSRF) vulnerability in EDGARROJAS WooCommerce PDF Invoice Builder woo-pdf-invoice-builder allows Cross Site Request Forgery.This issue affects WooCommerce PDF Invoice Builder: from n/a through <= 1.2.148.Show less
CVE-2025-53197 - - Apr 23, 2026 Jun 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in cookiebot Cookiebot cookiebot allows Cross Site Request Forgery.This issue affects Cookiebot: from n/a through <= 4.5.8.
CVE-2025-53193 - - Apr 23, 2026 Jun 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Burst Statistics B.V. Burst Statistics burst-statistics allows Cross Site Request Forgery.This issue affects Burst Statistics: from n/a through <= 2.0.6.
CVE-2025-32281 - - Apr 23, 2026 Jun 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in DarkMySite DarkMySite darkmysite allows Cross Site Request Forgery.This issue affects DarkMySite: from n/a through <= 1.2.8.
CVE-2025-5936 1Vr Calendar Project 1Vr Calendar Jul 7, 2025 Jun 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The VR Calendar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.4.7. This is due to missing or incorrect nonce validation on the syncCalendar() function. This make...Show more The VR Calendar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.4.7. This is due to missing or incorrect nonce validation on the syncCalendar() function. This makes it possible for unauthenticated attackers to trigger a calendar sync via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.Show less
CVE-2025-48921 1Getopensocial 1Open Social Jul 9, 2025 Jun 26, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Drupal Open Social allows Cross Site Request Forgery.This issue affects Open Social: from 0.0.0 before 12.3.14, from 12.4.0 before 12.4.13.

Previous 1...636465...466 Next