Export limit exceeded: 10127 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10127 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-8166 | 3 Debian, Redhat, Rubyonrails | 4 Debian Linux, Satellite, Satellite Capsule and 1 more | 2026-04-28 | 4.3 Medium |
| A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token. | ||||
| CVE-2025-68573 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi Simple Keyword to Link simple-keyword-to-link allows Cross Site Request Forgery.This issue affects Simple Keyword to Link: from n/a through <= 1.5. | ||||
| CVE-2025-66531 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Cross Site Request Forgery.This issue affects Salon booking system: from n/a through <= 10.30.3. | ||||
| CVE-2025-66529 | 2 Ays-pro, Wordpress | 2 Chartify, Wordpress | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Chartify chart-builder allows Cross Site Request Forgery.This issue affects Chartify: from n/a through <= 3.6.3. | ||||
| CVE-2025-62080 | 3 Channelize.io, Woocommerce, Wordpress | 3 Live Shopping & Shoppable Videos For Woocommerce, Woocommerce, Wordpress | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Channelize.io Team Live Shopping & Shoppable Videos For WooCommerce live-shopping-video-streams allows Cross Site Request Forgery.This issue affects Live Shopping & Shoppable Videos For WooCommerce: from n/a through <= 2.2.0. | ||||
| CVE-2025-60171 | 3 Woocommerce, Wordpress, Yourplugins | 3 Woocommerce, Wordpress, Conditional Cart Messages For Woocommerce | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in yourplugins Conditional Cart Messages for WooCommerce – YourPlugins.com yourplugins-wc-conditional-cart-notices allows Stored XSS.This issue affects Conditional Cart Messages for WooCommerce – YourPlugins.com: from n/a through <= 1.2.10. | ||||
| CVE-2025-60156 | 2 Webandprintdesign, Wordpress | 2 Ar For Wordpress, Wordpress | 2026-04-28 | 9.6 Critical |
| Cross-Site Request Forgery (CSRF) vulnerability in webandprint AR For WordPress ar-for-wordpress allows Upload a Web Shell to a Web Server.This issue affects AR For WordPress: from n/a through <= 8.34. | ||||
| CVE-2025-58800 | 2026-04-28 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Steve Truman WP Email Template wp-email-template allows Cross Site Request Forgery.This issue affects WP Email Template: from n/a through <= 2.8.5. | ||||
| CVE-2025-58794 | 2026-04-28 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in rainafarai Notification for Telegram notification-for-telegram allows Cross Site Request Forgery.This issue affects Notification for Telegram: from n/a through <= 3.5. | ||||
| CVE-2025-57978 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in themespride Advanced Appointment Booking & Scheduling advanced-appointment-booking-scheduling allows Cross Site Request Forgery.This issue affects Advanced Appointment Booking & Scheduling: from n/a through <= 2.1. | ||||
| CVE-2025-57977 | 3 Woocommerce, Wordpress, Wpdesk | 3 Woocommerce, Wordpress, Flexible Pdf Invoices | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in wpdesk Flexible PDF Invoices for WooCommerce & WordPress flexible-invoices allows Cross Site Request Forgery.This issue affects Flexible PDF Invoices for WooCommerce & WordPress: from n/a through <= 6.0.13. | ||||
| CVE-2025-57902 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Md Taufiqur Rahman RIS Version Switcher – Downgrade or Upgrade WP Versions Easily ris-version-switcher allows Cross Site Request Forgery.This issue affects RIS Version Switcher – Downgrade or Upgrade WP Versions Easily: from n/a through <= 1.0. | ||||
| CVE-2025-52791 | 2026-04-28 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in devfelixmoira Knowledge Base – Knowledge Base Maker knowledge-base-maker allows Stored XSS.This issue affects Knowledge Base – Knowledge Base Maker: from n/a through <= 1.1.8. | ||||
| CVE-2025-52789 | 2026-04-28 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in George Lewe Lewe ChordPress chordpress allows Stored XSS.This issue affects Lewe ChordPress: from n/a through <= 4.0.1. | ||||
| CVE-2025-52793 | 2026-04-28 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Esselink.nu Esselink.nu Settings esselinknu-settings allows Reflected XSS.This issue affects Esselink.nu Settings: from n/a through <= 4.5. | ||||
| CVE-2025-49977 | 2026-04-28 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WP Inventory WP Inventory Manager wp-inventory-manager allows Cross Site Request Forgery.This issue affects WP Inventory Manager: from n/a through <= 2.3.4. | ||||
| CVE-2025-49451 | 2026-04-28 | 7.5 High | ||
| Path Traversal: '.../...//' vulnerability in yannisraft Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery aeroscroll-gallery allows Path Traversal.This issue affects Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery: from n/a through <= 1.0.13. | ||||
| CVE-2025-49351 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Valentin Agachi Create Posts & Terms create-posts-terms allows Stored XSS.This issue affects Create Posts & Terms: from n/a through <= 1.3.1. | ||||
| CVE-2025-48342 | 2026-04-28 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in RedefiningTheWeb Dynamic Pricing & Discounts Lite for WooCommerce woo-dynamic-pricing-discounts-lite allows Cross Site Request Forgery.This issue affects Dynamic Pricing & Discounts Lite for WooCommerce: from n/a through <= 2.0.4. | ||||
| CVE-2025-47649 | 2026-04-28 | 8.8 High | ||
| Path Traversal: '.../...//' vulnerability in StackWC Open Close WooCommerce Store woc-open-close allows PHP Local File Inclusion.This issue affects Open Close WooCommerce Store: from n/a through <= 4.9.9. | ||||