Total
9114 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-46241 | 1 Codepeople | 1 Appointment Booking Calendar | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in codepeople Appointment Booking Calendar appointment-booking-calendar allows SQL Injection.This issue affects Appointment Booking Calendar: from n/a through <= 1.3.92. | ||||
| CVE-2025-46231 | 1 Servit | 1 Affiliate-toolkit | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in SERVIT Software Solutions affiliate-toolkit affiliate-toolkit-starter allows Cross Site Request Forgery.This issue affects affiliate-toolkit: from n/a through <= 3.7.3. | ||||
| CVE-2025-39472 | 2 Wpweb, Wpwebelite | 2 Woocommerce Social Login, Woocommerce Social Login | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in wpweb WooCommerce Social Login woo-social-login allows Cross Site Request Forgery.This issue affects WooCommerce Social Login: from n/a through < 2.8.3. | ||||
| CVE-2025-39351 | 1 Themegoods | 1 Grand Restaurant | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Cross Site Request Forgery.This issue affects Grand Restaurant: from n/a through <= 7.0. | ||||
| CVE-2025-32280 | 1 Wedevs | 1 Wp Project Manager | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in weDevs WP Project Manager wedevs-project-manager allows Cross Site Request Forgery.This issue affects WP Project Manager: from n/a through < 2.6.25. | ||||
| CVE-2025-31828 | 1 Easyappointments | 1 Easy\!appointments | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in alextselegidis Easy!Appointments easyappointments allows Cross Site Request Forgery.This issue affects Easy!Appointments: from n/a through <= 1.4.2. | ||||
| CVE-2025-28876 | 1 Skrill | 1 Skrill | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Skrill_Team Skrill Official official-skrill-woocommerce allows Cross Site Request Forgery.This issue affects Skrill Official: from n/a through <= 1.0.66. | ||||
| CVE-2025-28868 | 1 Condenast | 1 Ziplist Recipe | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in ZipList ZipList Recipe ziplist-recipe-plugin allows Cross Site Request Forgery.This issue affects ZipList Recipe: from n/a through <= 3.1. | ||||
| CVE-2025-28867 | 1 Stesvis | 1 Frontpage Category Filter | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in stesvis Frontpage category filter frontpage-category-filter allows Cross Site Request Forgery.This issue affects Frontpage category filter: from n/a through <= 1.0.2. | ||||
| CVE-2025-28866 | 1 Smerriman | 1 Login Logger | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in smerriman Login Logger login-logger allows Cross Site Request Forgery.This issue affects Login Logger: from n/a through <= 1.2.1. | ||||
| CVE-2025-28864 | 1 Planetstudio | 1 Builder For Contact Form 7 | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in planetstudio Builder for Contact Form 7 by Webconstruct cf7-builder allows Cross Site Request Forgery.This issue affects Builder for Contact Form 7 by Webconstruct: from n/a through <= 1.2.2. | ||||
| CVE-2025-28863 | 1 Carlosminatti | 1 Delete Original Image | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Carlos Minatti Delete Original Image delete-original-image allows Cross Site Request Forgery.This issue affects Delete Original Image: from n/a through <= 0.4. | ||||
| CVE-2025-28862 | 1 Venugopal | 1 Comment Date And Gravatar Remover | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Venugopal Comment Date and Gravatar remover remove-date-and-gravatar-under-comment allows Cross Site Request Forgery.This issue affects Comment Date and Gravatar remover: from n/a through <= 1.0. | ||||
| CVE-2025-28861 | 1 Bhzad | 1 Wp Jquery Persian Datepicker | 2026-04-01 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in bhzad WP jQuery Persian Datepicker wpjqp-datepicker allows Stored XSS.This issue affects WP jQuery Persian Datepicker: from n/a through <= 0.1.0. | ||||
| CVE-2025-28860 | 1 Ppdpurveyor | 1 Google News Editors Picks Feed Generator | 2026-04-01 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in PPDPurveyor Google News Editors Picks Feed Generator google-news-editors-picks-news-feeds allows Stored XSS.This issue affects Google News Editors Picks Feed Generator: from n/a through <= 2.1. | ||||
| CVE-2025-28859 | 1 Codevibrant | 1 Maintenance Notice | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in CodeVibrant Maintenance Notice maintenance-notice allows Cross Site Request Forgery.This issue affects Maintenance Notice: from n/a through <= 1.0.6. | ||||
| CVE-2025-28857 | 1 Rankchecker | 1 Rankchecker | 2026-04-01 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in rankchecker Rankchecker.io Integration rankchecker-io-integration allows Stored XSS.This issue affects Rankchecker.io Integration: from n/a through <= 1.0.9. | ||||
| CVE-2025-28856 | 1 W3counter | 1 W3counter | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in dangrossman W3Counter Free Real-Time Web Stats blog-stats-by-w3counter allows Cross Site Request Forgery.This issue affects W3Counter Free Real-Time Web Stats: from n/a through <= 4.1. | ||||
| CVE-2025-26963 | 1 Flowdee | 1 Clickwhale | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in ClickWhale ClickWhale clickwhale allows Cross Site Request Forgery.This issue affects ClickWhale: from n/a through <= 2.4.3. | ||||
| CVE-2025-26910 | 1 Iqonic | 1 Wpbookit | 2026-04-01 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Iqonic Design WPBookit wpbookit allows Stored XSS.This issue affects WPBookit: from n/a through <= 1.0.1. | ||||