← Back
CWE-352

9,314 CVEs • Abstraction: Compound • Likelihood of Exploit: Medium

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

JSON object

Loading...

CVEs (9,314)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-30615
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
9.6 CRITICAL· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Jacob Schwartz WP e-Commerce Style Email wp-e-commerce-style-email allows Code Injection.This issue affects WP e-Commerce Style Email: from n/a through <= 0.6.2.
CVE-2025-30612
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in mandegarweb Replace Default Words replace-default-words allows Stored XSS.This issue affects Replace Default Words: from n/a through <= 1.3.
CVE-2025-30608
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Anthony WordPress SQL Backup wordpress-sql-backup allows Stored XSS.This issue affects WordPress SQL Backup: from n/a through <= 3.5.2.
CVE-2025-30603
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in DEJAN CopyLink copy-link allows Stored XSS.This issue affects CopyLink: from n/a through <= 1.1.
CVE-2025-30601
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in flipdish Flipdish Ordering System flipdish-ordering-system allows Cross Site Request Forgery.This issue affects Flipdish Ordering System: from n/a through <= 1.5.2.
CVE-2025-30598
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Link OSS Upload oss-upload allows Cross Site Request Forgery.This issue affects OSS Upload: from n/a through <= 4.8.9.
CVE-2025-30588
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in ryan_xantoo Map Contact map-contact allows Stored XSS.This issue affects Map Contact: from n/a through <= 3.0.4.
CVE-2025-30587
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in shawfactor LH OGP Meta lh-ogp-meta-tags allows Stored XSS.This issue affects LH OGP Meta: from n/a through <= 1.73.
CVE-2025-30586
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in bbodine1 cTabs ctabs allows Stored XSS.This issue affects cTabs: from n/a through <= 1.3.
CVE-2025-30585
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in marynixie Generate Post Thumbnails generate-post-thumbnails allows Cross Site Request Forgery.This issue affects Generate Post Thumbnails: from n/a through <= 0.8.
CVE-2025-30584
-
-
Apr 28, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in alphaomegaplugins AlphaOmega Captcha & Anti-Spam Filter alphaomega-captcha-anti-spam allows Stored XSS.This issue affects AlphaOmega Captcha & Anti-Spam Filter: from n/a...Show more
Cross-Site Request Forgery (CSRF) vulnerability in alphaomegaplugins AlphaOmega Captcha & Anti-Spam Filter alphaomega-captcha-anti-spam allows Stored XSS.This issue affects AlphaOmega Captcha & Anti-Spam Filter: from n/a through <= 3.3.Show less
CVE-2025-30583
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in ProRankTracker Pro Rank Tracker proranktracker allows Stored XSS.This issue affects Pro Rank Tracker: from n/a through <= 1.0.0.
CVE-2025-30578
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in hotvanrod AdSense Privacy Policy adsense-privacy-policy allows Stored XSS.This issue affects AdSense Privacy Policy: from n/a through <= 1.1.1.
CVE-2025-30577
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in mendibass Browser Address Bar Color browser-address-bar-color allows Stored XSS.This issue affects Browser Address Bar Color: from n/a through <= 3.3.
CVE-2025-30576
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in HuangYe WuDeng Hacklog Remote Image Autosave hacklog-remote-image-autosave allows Cross Site Request Forgery.This issue affects Hacklog Remote Image Autosave: from n/a t...Show more
Cross-Site Request Forgery (CSRF) vulnerability in HuangYe WuDeng Hacklog Remote Image Autosave hacklog-remote-image-autosave allows Cross Site Request Forgery.This issue affects Hacklog Remote Image Autosave: from n/a through <= 2.1.0.Show less
CVE-2025-30572
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Igor Yavych Simple Rating simple-rating allows Stored XSS.This issue affects Simple Rating: from n/a through <= 1.4.
CVE-2025-30568
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in hitoy Super Static Cache super-static-cache allows Cross Site Request Forgery.This issue affects Super Static Cache: from n/a through <= 3.3.5.
CVE-2025-30565
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in karrikas banner-manager banner-manager allows Stored XSS.This issue affects banner-manager: from n/a through <= 16.04.19.
CVE-2025-30564
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in wpwox Custom Script Integration custom-script-integration allows Stored XSS.This issue affects Custom Script Integration: from n/a through <= 2.1.
CVE-2025-30561
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Henrique Mouta CAS Maestro cas-maestro allows Stored XSS.This issue affects CAS Maestro: from n/a through <= 1.1.3.