CWE-35 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10144 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-35684	1 10up	1 Elasticpress	2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in 10up ElasticPress elasticpress.This issue affects ElasticPress: from n/a through <= 5.1.1.
CVE-2024-34828	2 Church Admin Project, Wordpress	2 Church Admin, Wordpress	2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.32.
CVE-2024-34814	1 Brizy	1 Unyson	2026-04-23	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Unyson Unyson unyson.This issue affects Unyson: from n/a through <= 2.7.29.
CVE-2024-34557			2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through <= 1.5.4.
CVE-2024-33689			2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Tony Zeoli Radio Station radio-station.This issue affects Radio Station: from n/a through <= 2.5.7.
CVE-2024-33678	1 Clickcease	1 Clickcease	2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in eranfl ClickCease Click Fraud Protection clickcease-click-fraud-protection.This issue affects ClickCease Click Fraud Protection: from n/a through <= 3.2.7.
CVE-2024-32699	1 Wordpress	1 Yith Woocommerce Compare	2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in YITHEMES YITH WooCommerce Compare yith-woocommerce-compare.This issue affects YITH WooCommerce Compare: from n/a through <= 2.37.0.
CVE-2024-32445	1 Saleswonder	1 Webinarignition	2026-04-23	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition.This issue affects WebinarIgnition: from n/a through <= 3.05.8.
CVE-2024-32435	1 Wordpress	1 Wordpress	2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in perrinalexandre05 AffiEasy affieasy.This issue affects AffiEasy: from n/a through <= 1.1.4.
CVE-2024-32433	1 Wordpress	1 Wordpress	2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Themefic BEAF beaf-before-and-after-gallery.This issue affects BEAF: from n/a through <= 4.5.4.
CVE-2024-32141	1 Wordpress	1 Wordpress	2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in libsyn Libsyn Publisher Hub libsyn-podcasting.This issue affects Libsyn Publisher Hub: from n/a through <= 1.4.4.
CVE-2024-31942			2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in typps Calendarista Basic Edition calendarista-basic-edition.This issue affects Calendarista Basic Edition: from n/a through <= 3.0.2.
CVE-2024-31924			2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in nosilver4u EWWW Image Optimizer ewww-image-optimizer.This issue affects EWWW Image Optimizer: from n/a through <= 7.2.3.
CVE-2024-31433			2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in StellarWP The Events Calendar the-events-calendar.This issue affects The Events Calendar: from n/a through <= 6.3.0.
CVE-2024-31424	1 Idehweb	1 Login With Phone Number	2026-04-23	8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in Hamid Alinia Login with phone number login-with-phone-number.This issue affects Login with phone number: from n/a through <= 1.6.93.
CVE-2024-30493	2 Church Admin Project, Wordpress	2 Church Admin, Wordpress	2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.7.
CVE-2024-29093			2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Saleswonder Team: Tobias Builder for WooCommerce reviews shortcodes – ReviewShort woo-product-reviews-shortcode.This issue affects Builder for WooCommerce reviews shortcodes – ReviewShort: from n/a through <= 1.01.3.
CVE-2024-27195			2026-04-23	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in sverde1 Watermark RELOADED watermark-reloaded allows Cross Site Request Forgery.This issue affects Watermark RELOADED: from n/a through <= 1.3.5.
CVE-2024-25932	1 Youngtechleads	1 Change Table Prefix	2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Manish Kumar Agarwal Change Table Prefix change-table-prefix allows Cross Site Request Forgery.This issue affects Change Table Prefix: from n/a through <= 2.0.
CVE-2026-4121	2 Ksolves, Wordpress	2 Kcaptcha, Wordpress	2026-04-23	4.3 Medium
The Kcaptcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 1.0.1. This is due to missing nonce validation in the plugin's settings page handler (admin/setting.php). The settings form does not include a wp_nonce_field() and the form processing code does not call wp_verify_nonce() or check_admin_referer() before saving settings to the database via $wpdb->update(). This makes it possible for unauthenticated attackers to modify the plugin's CAPTCHA settings (enabling or disabling CAPTCHA on login, registration, lost password, and comment forms) via a forged request, granted they can trick a site administrator into performing an action such as clicking a link.

« first previous Page 114 of 508. next last »