Total
7170 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-32739 | 1 Hamidrezasepehr | 1 Custom Cursors | 2025-02-19 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Web_Trendy WP Custom Cursors | WordPress Cursor Plugin plugin < 3.2 versions. | ||||
| CVE-2023-29428 | 1 Superbthemes | 1 Superb Social Media Share Buttons And Follow Buttons | 2025-02-19 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in SuPlugins Superb Social Media Share Buttons and Follow Buttons for WordPress plugin <= 1.1.3 versions. | ||||
| CVE-2022-47181 | 1 Wpexperts | 1 Email Templates Customizer And Designer | 2025-02-19 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in wpexpertsio Email Templates Customizer and Designer for WordPress and WooCommerce email-templates allows Cross Site Request Forgery.This issue affects Email Templates Customizer and Designer for WordPress and WooCommerce: from n/a through 1.4.2. | ||||
| CVE-2022-29489 | 1 Sucuri | 1 Security | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Sucuri Security plugin <= 1.8.33 at WordPress leading to Event log entry creation. | ||||
| CVE-2023-37391 | 1 Wpmobilepack | 1 Wordpress Mobile Pack | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WPMobilePack.Com WordPress Mobile Pack – Mobile Plugin for Progressive Web Apps & Hybrid Mobile Apps plugin <= 3.4.1 versions. | ||||
| CVE-2023-34185 | 1 Wordpress Nextgen Galleryview Project | 1 Wordpress Nextgen Galleryview | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in John Brien WordPress NextGen GalleryView plugin <= 0.5.5 versions. | ||||
| CVE-2023-34029 | 1 Disable Wordpress Update Notifications And Auto-update Email Notifications Project | 1 Disable Wordpress Update Notifications And Auto-update Email Notifications | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Prem Tiwari Disable WordPress Update Notifications and auto-update Email Notifications plugin <= 2.3.3 versions. | ||||
| CVE-2023-37968 | 1 Faboba | 1 Falang | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Faboba Falang multilanguage for WordPress plugin <= 1.3.39 versions. | ||||
| CVE-2023-37992 | 1 Presspage | 1 Smarty For Wordpress | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin <= 3.1.35 versions. | ||||
| CVE-2023-37996 | 1 Gtmetrix | 1 Gtmetrix | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in GTmetrix GTmetrix for WordPress plugin <= 0.4.7 versions. | ||||
| CVE-2023-44233 | 1 Fooplugins | 1 Foogallery | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in FooPlugins Best WordPress Gallery Plugin – FooGallery plugin <= 2.2.44 versions. | ||||
| CVE-2023-41694 | 1 Realbig | 1 Realbig | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Realbig Team Realbig For WordPress plugin <= 1.0.3 versions. | ||||
| CVE-2023-45052 | 1 Dan009 | 1 Wp Bing Map Pro | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in dan009 WP Bing Map Pro plugin < 5.0 versions. | ||||
| CVE-2023-41131 | 1 Followingmedarling | 1 Spotify Play Button | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Jonk @ Follow me Darling Sp*tify Play Button for WordPress plugin <= 2.10 versions. | ||||
| CVE-2023-45831 | 1 Pixelative | 1 Google Amp | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Pixelative, Mohsin Rafique AMP WP – Google AMP For WordPress plugin <= 1.5.15 versions. | ||||
| CVE-2023-46152 | 1 Pluginus | 1 Wolf - Wordpress Posts Bulk Editor And Products Manager Professional | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.7.1 versions. | ||||
| CVE-2023-5802 | 1 Wpknowledgebase | 1 Wp Knowledgebase | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Mihai Iova WordPress Knowledge base & Documentation Plugin – WP Knowledgebase plugin <= 1.3.4 versions. | ||||
| CVE-2025-0865 | 2025-02-19 | 6.5 Medium | ||
| The WP Media Category Management plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.0 to 2.3.3. This is due to missing or incorrect nonce validation on the wp_mcm_handle_action_settings() function. This makes it possible for unauthenticated attackers to alter plugin settings, such as the taxonomy used for media, the base slug for media categories, and the default media category via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2023-0498 | 1 Hasthemes | 1 Wp Education | 2025-02-19 | 4.3 Medium |
| The WP Education WordPress plugin before 1.2.7 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack | ||||
| CVE-2023-0335 | 1 Wpvar | 1 Wp Shamsi | 2025-02-19 | 6.5 Medium |
| The WP Shamsi WordPress plugin through 4.3.3 has CSRF and broken access control vulnerabilities which leads user with role as low as subscriber delete attachment. | ||||