← Back
CWE-352

9,314 CVEs • Abstraction: Compound • Likelihood of Exploit: Medium

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

JSON object

Loading...

CVEs (9,314)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-30560
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Sana Ullah jQuery Dropdown Menu jquery-drop-down-menu-plugin allows Stored XSS.This issue affects jQuery Dropdown Menu: from n/a through <= 3.0.
CVE-2025-30558
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in EnzoCostantini55 ANAC XML Render anac-xml-render allows Stored XSS.This issue affects ANAC XML Render: from n/a through <= 1.5.7.
CVE-2025-30557
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in odihost Easy 301 Redirects odihost-easy-redirect-301 allows Cross Site Request Forgery.This issue affects Easy 301 Redirects: from n/a through <= 1.33.
CVE-2025-30556
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in flyaga Fix Rss Feeds fix-rss-feed allows Cross Site Request Forgery.This issue affects Fix Rss Feeds: from n/a through <= 3.1.
CVE-2025-30555
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in iiiryan WordPres 同步微博 wp2wb allows Stored XSS.This issue affects WordPres 同步微博: from n/a through <= 1.1.0.
CVE-2025-30552
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Donald Gilbert WordPress Admin Bar Improved wordpress-admin-bar-improved allows Stored XSS.This issue affects WordPress Admin Bar Improved: from n/a through <= 3.3.5.
CVE-2025-30550
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in WPShop.ru CallPhone'r callphoner allows Stored XSS.This issue affects CallPhone'r: from n/a through <= 1.1.1.
CVE-2025-30549
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Yummly Yummly Rich Recipes yummly-rich-recipes allows Cross Site Request Forgery.This issue affects Yummly Rich Recipes: from n/a through <= 4.2.
CVE-2025-30546
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in boroV Cackle cackle allows Cross Site Request Forgery.This issue affects Cackle: from n/a through <= 4.33.
CVE-2025-30542
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in wpsolutions SoundCloud Ultimate soundcloud-ultimate allows Cross Site Request Forgery.This issue affects SoundCloud Ultimate: from n/a through <= 1.5.
CVE-2025-30541
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Info Boxes Shortcode and Widget info-boxes-shortcode-and-widget allows Cross Site Request Forgery.This issue affects Info Boxes Shortcode and Widget: from n/a...Show more
Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Info Boxes Shortcode and Widget info-boxes-shortcode-and-widget allows Cross Site Request Forgery.This issue affects Info Boxes Shortcode and Widget: from n/a through <= 1.15.Show less
CVE-2025-30538
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in ChrisHurst Simple Optimizer simple-optimizer allows Cross Site Request Forgery.This issue affects Simple Optimizer: from n/a through <= 1.2.7.
CVE-2025-30535
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in muro External image replace external-image-replace allows Cross Site Request Forgery.This issue affects External image replace: from n/a through <= 1.0.8.
CVE-2025-30534
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in captcha.soft Image Captcha image-captcha allows Cross Site Request Forgery.This issue affects Image Captcha: from n/a through <= 1.2.
CVE-2025-30531
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in GBS Developer WP Ride Booking wp-ride-booking allows Cross Site Request Forgery.This issue affects WP Ride Booking: from n/a through <= 2.4.
CVE-2025-30529
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Sébastien Dumont Auto Load Next Post auto-load-next-post allows Cross Site Request Forgery.This issue affects Auto Load Next Post: from n/a through <= 1.5.14.
CVE-2025-30528
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
9.3 CRITICAL· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in wpshopee Awesome Logos awesome-logos allows SQL Injection.This issue affects Awesome Logos: from n/a through <= 1.2.
CVE-2025-30526
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in lucksy Typekit plugin for WordPress typekit allows Cross Site Request Forgery.This issue affects Typekit plugin for WordPress: from n/a through <= 1.2.3.
CVE-2025-30522
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Damian Orzol Contact Form 7 Material Design cf7-material-design allows Stored XSS.This issue affects Contact Form 7 Material Design: from n/a through <= 1.0.0.
CVE-2025-30521
-
-
Apr 23, 2026
Mar 24, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in giangmd93 GP Back To Top gp-back-to-top allows Cross Site Request Forgery.This issue affects GP Back To Top: from n/a through <= 3.0.