Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

CVEs (9,313)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-32655 - - Apr 23, 2026 Apr 17, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in DevriX Restrict User Registration restrict-user-registration allows Stored XSS.This issue affects Restrict User Registration: from n/a through <= 1.0.1.
CVE-2025-32606 - - Apr 23, 2026 Apr 17, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Deepak Khokhar Listings for Buildium listings-for-buildium allows Stored XSS.This issue affects Listings for Buildium: from n/a through <= 0.1.5.
CVE-2025-32546 - - Apr 23, 2026 Apr 17, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in gtlwpdev All push notification for WP all-push-notification allows Reflected XSS.This issue affects All push notification for WP: from n/a through <= 1.5.3.
CVE-2025-32545 - - Apr 29, 2026 Apr 17, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in SOFTAGON WooCommerce Products without featured images woocommerce-products-without-featured-images allows Reflected XSS.This issue affects WooCommerce Products without f...Show more Cross-Site Request Forgery (CSRF) vulnerability in SOFTAGON WooCommerce Products without featured images woocommerce-products-without-featured-images allows Reflected XSS.This issue affects WooCommerce Products without featured images: from n/a through <= 0.1.Show less
CVE-2025-39472 1Wpwebelite 1Woocommerce Social Login Apr 23, 2026 Apr 16, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in wpweb WooCommerce Social Login woo-social-login allows Cross Site Request Forgery.This issue affects WooCommerce Social Login: from n/a through < 2.8.3.
CVE-2025-39601 - - Apr 23, 2026 Apr 16, 2025 N/A· v4 9.6 CRITICAL· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in WPFactory Custom CSS, JS & PHP custom-css allows Remote Code Inclusion.This issue affects Custom CSS, JS & PHP: from n/a through <= 2.4.1.
CVE-2025-39600 - - Apr 23, 2026 Apr 16, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for WooCommerce and QuickBooks wp-woocommerce-quickbooks allows Cross Site Request Forgery.This issue affects Integration for WooCommerce and Quick...Show more Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for WooCommerce and QuickBooks wp-woocommerce-quickbooks allows Cross Site Request Forgery.This issue affects Integration for WooCommerce and QuickBooks: from n/a through <= 1.3.1.Show less
CVE-2025-39593 - - Apr 23, 2026 Apr 16, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in EverAccounting Ever Accounting wp-ever-accounting allows Cross Site Request Forgery.This issue affects Ever Accounting: from n/a through <= 2.1.5.
CVE-2025-39564 - - Apr 23, 2026 Apr 16, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in WP Trio Conditional Shipping for WooCommerce conditional-shipping-for-woocommerce allows Cross Site Request Forgery.This issue affects Conditional Shipping for WooCommer...Show more Cross-Site Request Forgery (CSRF) vulnerability in WP Trio Conditional Shipping for WooCommerce conditional-shipping-for-woocommerce allows Cross Site Request Forgery.This issue affects Conditional Shipping for WooCommerce: from n/a through <= 3.4.0.Show less
CVE-2025-39563 - - Apr 23, 2026 Apr 16, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in WP Trio Conditional Payments for WooCommerce conditional-payments-for-woocommerce allows Cross Site Request Forgery.This issue affects Conditional Payments for WooCommer...Show more Cross-Site Request Forgery (CSRF) vulnerability in WP Trio Conditional Payments for WooCommerce conditional-payments-for-woocommerce allows Cross Site Request Forgery.This issue affects Conditional Payments for WooCommerce: from n/a through <= 3.3.0.Show less
CVE-2025-39548 - - Apr 23, 2026 Apr 16, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Right Click Disable OR Ban right-click-disable-or-ban allows Stored XSS.This issue affects Right Click Disable OR Ban: from n/a through <= 1.1.17.
CVE-2025-39547 - - Apr 23, 2026 Apr 16, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Internal Link Optimiser internal-link-finder allows Stored XSS.This issue affects Internal Link Optimiser: from n/a through <= 5.1.3.
CVE-2025-39546 - - Apr 23, 2026 Apr 16, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in quomodosoft ElementsReady Addons for Elementor element-ready-lite allows Cross Site Request Forgery.This issue affects ElementsReady Addons for Elementor: from n/a throu...Show more Cross-Site Request Forgery (CSRF) vulnerability in quomodosoft ElementsReady Addons for Elementor element-ready-lite allows Cross Site Request Forgery.This issue affects ElementsReady Addons for Elementor: from n/a through <= 6.6.2.Show less
CVE-2025-39544 - - Apr 23, 2026 Apr 16, 2025 N/A· v4 7.4 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in sminozzi WP Tools wptools allows Path Traversal.This issue affects WP Tools: from n/a through <= 5.18.
CVE-2025-39530 - - Apr 23, 2026 Apr 16, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in dsky Site Search 360 site-search-360 allows Stored XSS.This issue affects Site Search 360: from n/a through <= 2.1.8.
CVE-2025-39517 - - Apr 23, 2026 Apr 16, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in WP Map Plugins Basic Interactive World Map basic-interactive-world-map allows Cross Site Request Forgery.This issue affects Basic Interactive World Map: from n/a through...Show more Cross-Site Request Forgery (CSRF) vulnerability in WP Map Plugins Basic Interactive World Map basic-interactive-world-map allows Cross Site Request Forgery.This issue affects Basic Interactive World Map: from n/a through <= 2.7.Show less
CVE-2025-39512 - - Apr 23, 2026 Apr 16, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Yuya Hoshino Bulk Term Editor bulk-term-editor allows Cross Site Request Forgery.This issue affects Bulk Term Editor: from n/a through <= 1.1.4.
CVE-2025-3687 1Misstt123 1Oasys Jun 25, 2025 Apr 16, 2025 5.3 MEDIUM· v4 4.3 MEDIUM· v3 5.0 MEDIUM· v2 A vulnerability, which was classified as problematic, has been found in misstt123 oasys 1.0. Affected by this issue is some unknown functionality of the component Sticky Notes Handler. The manipulation leads to cross-sit...Show more A vulnerability, which was classified as problematic, has been found in misstt123 oasys 1.0. Affected by this issue is some unknown functionality of the component Sticky Notes Handler. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.Show less
CVE-2025-30967 - - Apr 28, 2026 Apr 15, 2025 N/A· v4 9.6 CRITICAL· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in NotFound WPJobBoard allows Upload a Web Shell to a Web Server. This issue affects WPJobBoard: from n/a through n/a.
CVE-2025-26903 - - Apr 23, 2026 Apr 15, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in RealMag777 InPost Gallery inpost-gallery allows Cross Site Request Forgery.This issue affects InPost Gallery: from n/a through <= 2.1.4.3.

Previous 1...818283...466 Next