Total
8611 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-30857 | 2025-03-27 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in PressMaximum Currency Switcher for WooCommerce allows Stored XSS. This issue affects Currency Switcher for WooCommerce: from n/a through 0.0.7. | ||||
| CVE-2025-30856 | 2025-03-27 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in theme funda Custom Field For WP Job Manager allows Cross Site Request Forgery. This issue affects Custom Field For WP Job Manager: from n/a through 1.4. | ||||
| CVE-2025-30854 | 2025-03-27 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Saso Serial Codes Generator and Validator with WooCommerce Support allows Cross Site Request Forgery. This issue affects Serial Codes Generator and Validator with WooCommerce Support: from n/a through 2.7.7. | ||||
| CVE-2025-30833 | 2025-03-27 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Soft8Soft LLC Verge3D allows Cross Site Request Forgery. This issue affects Verge3D: from n/a through 4.8.2. | ||||
| CVE-2025-30822 | 2025-03-27 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Hakik Zaman Custom Login Logo allows Cross Site Request Forgery. This issue affects Custom Login Logo: from n/a through 1.1.7. | ||||
| CVE-2025-30816 | 2025-03-27 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Nks publish post email notification allows Cross Site Request Forgery. This issue affects publish post email notification: from n/a through 1.0.2.3. | ||||
| CVE-2025-30805 | 2025-03-27 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in wpdesk Flexible Cookies allows Cross Site Request Forgery. This issue affects Flexible Cookies: from n/a through 1.1.8. | ||||
| CVE-2025-30804 | 2025-03-27 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in maennchen1.de wpShopGermany IT-RECHT KANZLEI allows Cross Site Request Forgery. This issue affects wpShopGermany IT-RECHT KANZLEI: from n/a through 2.0. | ||||
| CVE-2025-30801 | 2025-03-27 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Abu Bakar TWB Woocommerce Reviews allows Cross Site Request Forgery. This issue affects TWB Woocommerce Reviews: from n/a through 1.7.7. | ||||
| CVE-2025-30788 | 2025-03-27 | 8.2 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup allows SQL Injection. This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through 5.25.08. | ||||
| CVE-2025-30787 | 2025-03-27 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup allows Stored XSS. This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through 5.25.08. | ||||
| CVE-2025-30783 | 2025-03-27 | 8.2 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in jgwhite33 WP Google Review Slider allows SQL Injection. This issue affects WP Google Review Slider: from n/a through 16.0. | ||||
| CVE-2023-49965 | 1 Spacex | 1 Starlink Wifi Router Gen2 | 2025-03-27 | 6.8 Medium |
| SpaceX Starlink Wi-Fi router Gen 2 before 2023.48.0 allows XSS via the ssid and password parameters on the Setup Page. | ||||
| CVE-2025-2319 | 2025-03-27 | 8.8 High | ||
| The EZ SQL Reports Shortcode Widget and DB Backup plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 4.11.13 to 5.25.08. This is due to missing or incorrect nonce validation on the 'ELISQLREPORTS_menu' function. This makes it possible for unauthenticated attackers to execute code on the server via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Version 5.25.10 adds a nonce check, which makes this vulnerability exploitable by admins only. | ||||
| CVE-2025-22637 | 2025-03-27 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in verkkovaraani Print PDF Generator and Publisher allows Cross Site Request Forgery.This issue affects Print PDF Generator and Publisher: from n/a through 1.2.0. | ||||
| CVE-2025-22634 | 2025-03-27 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in MD Abu Jubayer Hossain Easy Booked – Appointment Booking and Scheduling Management System for WordPress allows Cross Site Request Forgery.This issue affects Easy Booked – Appointment Booking and Scheduling Management System for WordPress: from n/a through 2.4.5. | ||||
| CVE-2025-22669 | 2025-03-27 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in AwesomeTOGI Awesome Event Booking allows Cross Site Request Forgery.This issue affects Awesome Event Booking: from n/a through 2.7.5. | ||||
| CVE-2025-25086 | 2025-03-27 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WPDeveloper Secret Meta allows Reflected XSS.This issue affects Secret Meta: from n/a through 1.2.1. | ||||
| CVE-2025-30558 | 2025-03-27 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in EnzoCostantini55 ANAC XML Render allows Stored XSS. This issue affects ANAC XML Render: from n/a through 1.5.7. | ||||
| CVE-2025-30552 | 2025-03-27 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Donald Gilbert WordPress Admin Bar Improved allows Stored XSS. This issue affects WordPress Admin Bar Improved: from n/a through 3.3.5. | ||||