Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

CVEs (9,313)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-31404 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Wladyslaw Madejczyk AF Tell a Friend af-tell-a-friend allows Stored XSS.This issue affects AF Tell a Friend: from n/a through <= 1.4.
CVE-2025-31402 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in NewsBoard Plugin NewsBoard Post and RSS Scroller newsboard allows Stored XSS.This issue affects NewsBoard Post and RSS Scroller: from n/a through <= 1.2.12.
CVE-2025-31401 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in mmetrodw MMX – Make Me Christmas mmx-make-me-christmas allows Stored XSS.This issue affects MMX – Make Me Christmas: from n/a through <= 1.0.0.
CVE-2025-31400 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in icyleaf WS Audio Player ws-audio-player allows Stored XSS.This issue affects WS Audio Player: from n/a through <= 1.1.8.
CVE-2025-31399 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Chandan Garg CG Scroll To Top cg-scroll-to-top allows Stored XSS.This issue affects CG Scroll To Top: from n/a through <= 3.5.
CVE-2025-31395 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in a.ankit Easy Custom CSS easy-custom-css allows Stored XSS.This issue affects Easy Custom CSS: from n/a through <= 1.0.
CVE-2025-31393 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in vfvalent Social Bookmarking RELOADED social-bookmarking-reloaded allows Stored XSS.This issue affects Social Bookmarking RELOADED: from n/a through <= 3.18.
CVE-2025-31392 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Shameem Reza Smart Product Gallery Slider smart-product-gallery-slider allows Cross Site Request Forgery.This issue affects Smart Product Gallery Slider: from n/a throug...Show more Cross-Site Request Forgery (CSRF) vulnerability in Shameem Reza Smart Product Gallery Slider smart-product-gallery-slider allows Cross Site Request Forgery.This issue affects Smart Product Gallery Slider: from n/a through <= 1.0.4.Show less
CVE-2025-31391 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in regen Script Compressor script-compressor allows Stored XSS.This issue affects Script Compressor: from n/a through <= 1.7.1.
CVE-2025-31390 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in bdoga Social Crowd social-crowd allows Stored XSS.This issue affects Social Crowd: from n/a through <= 0.9.6.1.
CVE-2025-31388 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in doa The World the-world allows Stored XSS.This issue affects The World: from n/a through <= 0.4.
CVE-2025-31385 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in intelcaprep Site Table of Contents site-table-of-contents allows Stored XSS.This issue affects Site Table of Contents: from n/a through <= 0.3.
CVE-2025-31383 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in sodena FrescoChat Live Chat flexytalk-widget allows Stored XSS.This issue affects FrescoChat Live Chat: from n/a through <= 3.2.6.
CVE-2025-31382 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in theode Language Field language-field allows Stored XSS.This issue affects Language Field: from n/a through <= 0.9.
CVE-2025-31375 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in bhoogterp Scheduled scheduled allows Stored XSS.This issue affects Scheduled: from n/a through <= 1.0.
CVE-2025-31038 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Essential Marketer Essential Breadcrumbs essential-breadcrumbs allows Privilege Escalation.This issue affects Essential Breadcrumbs: from n/a through <= 1.1.1.
CVE-2025-31036 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in WPSOLR WPSolr wpsolr-free allows Privilege Escalation.This issue affects WPSolr: from n/a through <= 24.0.
CVE-2025-31034 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in AboZain Albanna Customize Login Page customize-login-page allows Cross Site Request Forgery.This issue affects Customize Login Page: from n/a through <= 1.1.
CVE-2025-31033 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Adam Nowak Buddypress Humanity buddypress-humanity allows Cross Site Request Forgery.This issue affects Buddypress Humanity: from n/a through <= 1.2.
CVE-2025-31032 - - Apr 23, 2026 Apr 9, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Pagopar - Grupo M S.A. Pagopar – WooCommerce Gateway pagopar-woocommerce-gateway allows Stored XSS.This issue affects Pagopar – WooCommerce Gateway: from n/a through <=...Show more Cross-Site Request Forgery (CSRF) vulnerability in Pagopar - Grupo M S.A. Pagopar – WooCommerce Gateway pagopar-woocommerce-gateway allows Stored XSS.This issue affects Pagopar – WooCommerce Gateway: from n/a through <= 2.7.1.Show less

Previous 1...858687...466 Next