Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

CVEs (9,314)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-31460 - - Apr 23, 2026 Mar 28, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in danielmuldernl OmniLeads Scripts and Tags Manager omnileads-scripts-and-tags-manager allows Stored XSS.This issue affects OmniLeads Scripts and Tags Manager: from n/a th...Show more Cross-Site Request Forgery (CSRF) vulnerability in danielmuldernl OmniLeads Scripts and Tags Manager omnileads-scripts-and-tags-manager allows Stored XSS.This issue affects OmniLeads Scripts and Tags Manager: from n/a through <= 1.3.Show less
CVE-2025-31459 - - Apr 23, 2026 Mar 28, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in PasqualePuzio Login Alert login-alert allows Stored XSS.This issue affects Login Alert: from n/a through <= 0.2.1.
CVE-2025-31458 - - Apr 23, 2026 Mar 28, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in forsgren Video Embedder video-embedder allows Stored XSS.This issue affects Video Embedder: from n/a through <= 1.7.1.
CVE-2025-31457 - - Apr 23, 2026 Mar 28, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Aurélien LWS LWS SMS lws-sms allows Cross Site Request Forgery.This issue affects LWS SMS: from n/a through <= 2.4.1.
CVE-2025-31456 - - Apr 23, 2026 Mar 28, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in bsndev Ultimate Security Checker ultimate-security-checker allows Cross Site Request Forgery.This issue affects Ultimate Security Checker: from n/a through <= 4.2.
CVE-2025-31449 - - Apr 23, 2026 Mar 28, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in EricH The Visitor Counter the-visitor-counter allows Stored XSS.This issue affects The Visitor Counter: from n/a through <= 1.4.3.
CVE-2025-31448 - - Apr 23, 2026 Mar 28, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in misteraon Simple Trackback Disabler simple-trackback-disabler allows Cross Site Request Forgery.This issue affects Simple Trackback Disabler: from n/a through <= 1.4.
CVE-2025-31447 - - Apr 23, 2026 Mar 28, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in nertworks NertWorks All in One Social Share Tools nertworks-all-in-one-social-share-tools allows Cross Site Request Forgery.This issue affects NertWorks All in One Socia...Show more Cross-Site Request Forgery (CSRF) vulnerability in nertworks NertWorks All in One Social Share Tools nertworks-all-in-one-social-share-tools allows Cross Site Request Forgery.This issue affects NertWorks All in One Social Share Tools: from n/a through <= 1.26.Show less
CVE-2025-31444 - - Apr 23, 2026 Mar 28, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in youtag ShowTime Slideshow showtime-slideshow allows Stored XSS.This issue affects ShowTime Slideshow: from n/a through <= 1.6.
CVE-2025-31443 - - Apr 23, 2026 Mar 28, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Krzysztof Furtak KK I Like It kk-i-like-it allows Stored XSS.This issue affects KK I Like It: from n/a through <= 1.7.5.3.
CVE-2025-31440 - - Apr 23, 2026 Mar 28, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Team Terms of Use terms-of-use-2 allows Stored XSS.This issue affects Terms of Use: from n/a through <= 2.0.
CVE-2025-31439 - - Apr 28, 2026 Mar 28, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in tobias_.MerZ Browser Caching with .htaccess allows Cross Site Request Forgery. This issue affects Browser Caching with .htaccess: from 1.2.1 through n/a.
CVE-2025-31438 - - Apr 23, 2026 Mar 28, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Benoit De Boeck WP Supersized wp-supersized allows Cross Site Request Forgery.This issue affects WP Supersized: from n/a through <= 3.1.6.
CVE-2025-31435 - - Apr 23, 2026 Mar 28, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Efficient Scripts Microblog Poster microblog-poster allows Stored XSS.This issue affects Microblog Poster: from n/a through <= 2.1.6.
CVE-2025-31079 - - Apr 23, 2026 Mar 28, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in usermaven Usermaven usermaven allows Cross Site Request Forgery.This issue affects Usermaven: from n/a through <= 1.2.1.
CVE-2025-1762 1Vollstart 1Event Tickets With Ticket Scanner Apr 17, 2025 Mar 28, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Event Tickets with Ticket Scanner WordPress plugin before 2.5.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
CVE-2025-22637 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in verkkovaraani Print PDF Generator and Publisher nopeamedia allows Cross Site Request Forgery.This issue affects Print PDF Generator and Publisher: from n/a through <= 1....Show more Cross-Site Request Forgery (CSRF) vulnerability in verkkovaraani Print PDF Generator and Publisher nopeamedia allows Cross Site Request Forgery.This issue affects Print PDF Generator and Publisher: from n/a through <= 1.2.0.Show less
CVE-2025-22634 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in MD Abu Jubayer Hossain Easy Booked – Appointment Booking and Scheduling Management System for WordPress easy-booked allows Cross Site Request Forgery.This issue affects...Show more Cross-Site Request Forgery (CSRF) vulnerability in MD Abu Jubayer Hossain Easy Booked – Appointment Booking and Scheduling Management System for WordPress easy-booked allows Cross Site Request Forgery.This issue affects Easy Booked – Appointment Booking and Scheduling Management System for WordPress: from n/a through <= 2.4.5.Show less
CVE-2025-22669 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in AwesomeTOGI Awesome Event Booking awesome-event-booking allows Cross Site Request Forgery.This issue affects Awesome Event Booking: from n/a through <= 2.7.5.
CVE-2025-22658 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Listings for Appfolio Listings for Appfolio listings-for-appfolio allows Stored XSS.This issue affects Listings for Appfolio: from n/a through <= 1.2.0.

Previous 1...919293...466 Next