Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

CVEs (9,314)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-25100 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in victoracano Cazamba cazamba allows Reflected XSS.This issue affects Cazamba: from n/a through <= 1.2.
CVE-2025-25086 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in WPDeveloper Secret Meta facebook-secret-meta allows Reflected XSS.This issue affects Secret Meta: from n/a through <= 1.2.1.
CVE-2025-30923 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in powerfulwp Gift Message for WooCommerce gift-message-for-woocommerce allows Cross Site Request Forgery.This issue affects Gift Message for WooCommerce: from n/a through...Show more Cross-Site Request Forgery (CSRF) vulnerability in powerfulwp Gift Message for WooCommerce gift-message-for-woocommerce allows Cross Site Request Forgery.This issue affects Gift Message for WooCommerce: from n/a through <= 1.7.8.Show less
CVE-2025-30919 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Store Locator Widgets Store Locator Widget store-locator-widget allows Stored XSS.This issue affects Store Locator Widget: from n/a through <= 2025r2.
CVE-2025-30912 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Float menu float-menu allows Cross Site Request Forgery.This issue affects Float menu: from n/a through <= 6.1.2.
CVE-2025-30888 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in silverplugins217 Custom Fields Account Registration For Woocommerce custom-fields-account-registration-for-woocommerce allows Cross Site Request Forgery.This issue affec...Show more Cross-Site Request Forgery (CSRF) vulnerability in silverplugins217 Custom Fields Account Registration For Woocommerce custom-fields-account-registration-for-woocommerce allows Cross Site Request Forgery.This issue affects Custom Fields Account Registration For Woocommerce: from n/a through <= 1.1.Show less
CVE-2025-30872 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Nitin Prakash Product Author for WooCommerce wc-product-author allows Cross Site Request Forgery.This issue affects Product Author for WooCommerce: from n/a through <= 1...Show more Cross-Site Request Forgery (CSRF) vulnerability in Nitin Prakash Product Author for WooCommerce wc-product-author allows Cross Site Request Forgery.This issue affects Product Author for WooCommerce: from n/a through <= 1.0.7.Show less
CVE-2025-30865 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in fuzzoid 3DPrint Lite 3dprint-lite allows Cross Site Request Forgery.This issue affects 3DPrint Lite: from n/a through <= 2.1.3.5.
CVE-2025-30863 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms integration-for-contact-form-7-and-google-sheets allows Cross Site Request Fo...Show more Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms integration-for-contact-form-7-and-google-sheets allows Cross Site Request Forgery.This issue affects Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through <= 1.0.9.Show less
CVE-2025-30862 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in sminozzi reCAPTCHA for all recaptcha-for-all allows Cross Site Request Forgery.This issue affects reCAPTCHA for all: from n/a through <= 2.22.
CVE-2025-30857 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in PressMaximum Currency Switcher for WooCommerce currency-switcher-for-woocommerce allows Stored XSS.This issue affects Currency Switcher for WooCommerce: from n/a through...Show more Cross-Site Request Forgery (CSRF) vulnerability in PressMaximum Currency Switcher for WooCommerce currency-switcher-for-woocommerce allows Stored XSS.This issue affects Currency Switcher for WooCommerce: from n/a through <= 0.0.7.Show less
CVE-2025-30856 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in theme funda Custom Field For WP Job Manager custom-field-for-wp-job-manager allows Cross Site Request Forgery.This issue affects Custom Field For WP Job Manager: from n/...Show more Cross-Site Request Forgery (CSRF) vulnerability in theme funda Custom Field For WP Job Manager custom-field-for-wp-job-manager allows Cross Site Request Forgery.This issue affects Custom Field For WP Job Manager: from n/a through <= 1.4.Show less
CVE-2025-30854 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Vollstart Serial Codes Generator and Validator with WooCommerce Support serial-codes-generator-and-validator allows Cross Site Request Forgery.This issue affects Serial...Show more Cross-Site Request Forgery (CSRF) vulnerability in Vollstart Serial Codes Generator and Validator with WooCommerce Support serial-codes-generator-and-validator allows Cross Site Request Forgery.This issue affects Serial Codes Generator and Validator with WooCommerce Support: from n/a through <= 2.7.7.Show less
CVE-2025-30842 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in pixolette Christmas Panda christmas-panda allows Cross Site Request Forgery.This issue affects Christmas Panda: from n/a through <= 1.0.4.
CVE-2025-30833 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Soft8Soft LLC Verge3D verge3d allows Cross Site Request Forgery.This issue affects Verge3D: from n/a through <= 4.8.2.
CVE-2025-30823 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Boone Gorges Anthologize anthologize allows Cross Site Request Forgery.This issue affects Anthologize: from n/a through <= 0.8.2.
CVE-2025-30822 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Hakik Zaman Custom Login Logo ideal-wp-login-logo-changer allows Cross Site Request Forgery.This issue affects Custom Login Logo: from n/a through <= 1.1.7.
CVE-2025-30816 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Nks publish post email notification publish-post-email-notification allows Cross Site Request Forgery.This issue affects publish post email notification: from n/a throug...Show more Cross-Site Request Forgery (CSRF) vulnerability in Nks publish post email notification publish-post-email-notification allows Cross Site Request Forgery.This issue affects publish post email notification: from n/a through <= 1.0.2.3.Show less
CVE-2025-30815 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Saeed Sattar Beglou Hesabfa Accounting hesabfa-accounting allows Cross Site Request Forgery.This issue affects Hesabfa Accounting: from n/a through <= 2.1.8.
CVE-2025-30811 - - Apr 23, 2026 Mar 27, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Javier Revilla ValidateCertify validar-certificados-de-cursos allows Cross Site Request Forgery.This issue affects ValidateCertify: from n/a through <= 1.6.1.

Previous 1...929394...466 Next