Total
8579 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-42435 | 1 Ibm | 1 Business Automation Workflow | 2025-04-10 | 4.3 Medium |
| IBM Business Automation Workflow 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, and 22.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 238054. | ||||
| CVE-2025-31033 | 2025-04-09 | 9.8 Critical | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Adam Nowak Buddypress Humanity allows Cross Site Request Forgery. This issue affects Buddypress Humanity: from n/a through 1.2. | ||||
| CVE-2025-32621 | 2025-04-09 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Vsourz Digital WP Map Route Planner allows Cross Site Request Forgery. This issue affects WP Map Route Planner: from n/a through 1.0.0. | ||||
| CVE-2025-32619 | 2025-04-09 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in KeyCAPTCHA KeyCAPTCHA allows Stored XSS. This issue affects KeyCAPTCHA: from n/a through 2.5.1. | ||||
| CVE-2025-32556 | 2025-04-09 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Sandor Kovacs Simple Post Meta Manager allows Reflected XSS. This issue affects Simple Post Meta Manager: from n/a through 1.0.9. | ||||
| CVE-2025-32661 | 2025-04-09 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WP Map Plugins Interactive US Map allows Stored XSS. This issue affects Interactive US Map: from n/a through 2.7. | ||||
| CVE-2025-32597 | 2025-04-09 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in George Sexton WordPress Events Calendar Plugin – connectDaily allows Cross-Site Scripting (XSS). This issue affects WordPress Events Calendar Plugin – connectDaily: from n/a through 1.4.8. | ||||
| CVE-2025-32669 | 2025-04-09 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in MERGADO Mergado Pack allows Stored XSS. This issue affects Mergado Pack: from n/a through 4.1.1. | ||||
| CVE-2025-32576 | 2025-04-09 | 9.6 Critical | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Agence web Eoxia - Montpellier WP shop allows Upload a Web Shell to a Web Server. This issue affects WP shop: from n/a through 2.6.0. | ||||
| CVE-2025-32617 | 2025-04-09 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Ydesignservices Multiple Location Google Map allows Stored XSS. This issue affects Multiple Location Google Map: from n/a through 1.1. | ||||
| CVE-2025-31392 | 2025-04-09 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Shameem Reza Smart Product Gallery Slider allows Cross Site Request Forgery. This issue affects Smart Product Gallery Slider: from n/a through 1.0.4. | ||||
| CVE-2025-31402 | 2025-04-09 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in NewsBoard Plugin NewsBoard Post and RSS Scroller allows Stored XSS. This issue affects NewsBoard Post and RSS Scroller: from n/a through 1.2.12. | ||||
| CVE-2025-32679 | 2025-04-09 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ZealousWeb User Registration Using Contact Form 7 allows Cross Site Request Forgery. This issue affects User Registration Using Contact Form 7: from n/a through 2.2. | ||||
| CVE-2025-31375 | 2025-04-09 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in bhoogterp Scheduled allows Stored XSS. This issue affects Scheduled: from n/a through 1.0. | ||||
| CVE-2025-32641 | 2025-04-09 | 9.6 Critical | ||
| Cross-Site Request Forgery (CSRF) vulnerability in anantaddons Anant Addons for Elementor allows Cross Site Request Forgery. This issue affects Anant Addons for Elementor: from n/a through 1.1.5. | ||||
| CVE-2025-31382 | 2025-04-09 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in theode Language Field allows Stored XSS. This issue affects Language Field: from n/a through 0.9. | ||||
| CVE-2025-32575 | 2025-04-09 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in axew3 WP w3all phpBB allows Reflected XSS. This issue affects WP w3all phpBB: from n/a through 2.9.2. | ||||
| CVE-2025-32612 | 2025-04-09 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in rafasashi User Session Synchronizer allows Stored XSS. This issue affects User Session Synchronizer: from n/a through 1.4.0. | ||||
| CVE-2025-32584 | 2025-04-09 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Chat2 Chat2 allows Cross Site Request Forgery. This issue affects Chat2: from n/a through 3.6.3. | ||||
| CVE-2025-32616 | 2025-04-09 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in nimbata Nimbata Call Tracking allows Stored XSS. This issue affects Nimbata Call Tracking: from n/a through 1.7.1. | ||||