Total
8891 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-58852 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Mark O'Donnell MSTW League Manager mstw-league-manager allows Stored XSS.This issue affects MSTW League Manager: from n/a through <= 2.10. | ||||
| CVE-2025-58849 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Deepak S Hide Real Download Path hide-real-download-path allows Stored XSS.This issue affects Hide Real Download Path: from n/a through <= 1.6. | ||||
| CVE-2025-58848 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in aakash1911 WP likes wp-likes allows Reflected XSS.This issue affects WP likes: from n/a through <= 3.1.1. | ||||
| CVE-2025-58847 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Yaidier WN Flipbox Pro wn-flipbox-pro allows Reflected XSS.This issue affects WN Flipbox Pro: from n/a through <= 2.1. | ||||
| CVE-2025-58846 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Dejan Markovic WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule buffer-my-post allows Reflected XSS.This issue affects WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule: from n/a through <= 2020.1.0. | ||||
| CVE-2025-58845 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ChrisHurst Bulk Watermark bulk-watermark allows Reflected XSS.This issue affects Bulk Watermark: from n/a through <= 1.6.10. | ||||
| CVE-2025-58844 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Subhash Kumar Database to Excel database-to-excel allows Stored XSS.This issue affects Database to Excel: from n/a through <= 1.0. | ||||
| CVE-2025-58843 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in David Merinas Auto Last Youtube Video auto-last-youtube-video allows Stored XSS.This issue affects Auto Last Youtube Video: from n/a through <= 1.0.7. | ||||
| CVE-2025-58833 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in INVELITY Invelity MyGLS connect invelity-mygls-connect allows Object Injection.This issue affects Invelity MyGLS connect: from n/a through <= 1.1.1. | ||||
| CVE-2025-58831 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in snagysandor Parallax Scrolling Enllax.js parallax-scrolling-enllax-js allows Cross Site Request Forgery.This issue affects Parallax Scrolling Enllax.js: from n/a through <= 0.0.6. | ||||
| CVE-2025-58818 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in SwiftNinjaPro Developer Tools Blocker swiftninjapro-inspect-element-console-blocker allows Cross Site Request Forgery.This issue affects Developer Tools Blocker: from n/a through <= 3.2.1. | ||||
| CVE-2025-58809 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Nick Ciske To Lead For Salesforce salesforce-wordpress-to-lead allows Reflected XSS.This issue affects To Lead For Salesforce: from n/a through <= 2.7.3.9. | ||||
| CVE-2025-58807 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Dsingh Purge Varnish Cache purge-varnish allows Stored XSS.This issue affects Purge Varnish Cache: from n/a through <= 2.6. | ||||
| CVE-2025-58806 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Tom Longridge WordPress Error Monitoring by Bugsnag bugsnag allows Stored XSS.This issue affects WordPress Error Monitoring by Bugsnag: from n/a through <= 1.6.3. | ||||
| CVE-2025-58804 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in brijrajs WooCommerce Single Page Checkout woo-single-page-checkout allows Cross Site Request Forgery.This issue affects WooCommerce Single Page Checkout: from n/a through <= 1.2.7. | ||||
| CVE-2025-58802 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in michalzagdan TrustMate.io – WooCommerce integration trustmate-io-integration-for-woocommerce allows Cross Site Request Forgery.This issue affects TrustMate.io – WooCommerce integration: from n/a through <= 1.16.0. | ||||
| CVE-2025-58801 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in KCS Responder responder allows Cross Site Request Forgery.This issue affects Responder: from n/a through <= 4.3.8. | ||||
| CVE-2025-58800 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Steve Truman WP Email Template wp-email-template allows Cross Site Request Forgery.This issue affects WP Email Template: from n/a through <= 2.8.5. | ||||
| CVE-2025-58799 | 2 Themelocation, Wordpress | 2 Custom Woocommerce Checkout Fields Editor, Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in themelocation Custom WooCommerce Checkout Fields Editor add-fields-to-checkout-page-woocommerce allows Cross Site Request Forgery.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through <= 1.3.4. | ||||
| CVE-2025-58798 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Bjorn Manintveld BCM Duplicate Menu bcm-duplicate-menu allows Cross Site Request Forgery.This issue affects BCM Duplicate Menu: from n/a through <= 1.1.3. | ||||