Total
8623 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-25125 | 2025-02-12 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in CyrilG Fyrebox Quizzes allows Stored XSS. This issue affects Fyrebox Quizzes: from n/a through 2.7. | ||||
| CVE-2025-25126 | 2025-02-12 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in zmseo ZMSEO allows Stored XSS. This issue affects ZMSEO: from n/a through 1.14.1. | ||||
| CVE-2025-25149 | 2025-02-12 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Danillo Nunes Login-box allows Stored XSS. This issue affects Login-box: from n/a through 2.0.4. | ||||
| CVE-2025-25145 | 2025-02-12 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in jordan.hatch Infusionsoft Analytics allows Cross Site Request Forgery. This issue affects Infusionsoft Analytics: from n/a through 2.0. | ||||
| CVE-2025-25140 | 2025-02-12 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Scriptonite Simple User Profile allows Stored XSS. This issue affects Simple User Profile: from n/a through 1.9. | ||||
| CVE-2025-25135 | 2025-02-12 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Victor Barkalov Custom Links On Admin Dashboard Toolbar allows Stored XSS. This issue affects Custom Links On Admin Dashboard Toolbar: from n/a through 3.3. | ||||
| CVE-2025-25138 | 2025-02-12 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Rishi On Page SEO + Whatsapp Chat Button allows Stored XSS. This issue affects On Page SEO + Whatsapp Chat Button: from n/a through 2.0.0. | ||||
| CVE-2025-25156 | 2025-02-12 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Stanko Metodiev Quote Comments allows Stored XSS. This issue affects Quote Comments: from n/a through 2.2.1. | ||||
| CVE-2025-25160 | 1 Markbarnes | 1 Style Tweaker | 2025-02-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Mark Barnes Style Tweaker allows Stored XSS. This issue affects Style Tweaker: from n/a through 0.11. | ||||
| CVE-2025-25166 | 1 Gabrieldarezzo | 1 Inlocation | 2025-02-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in gabrieldarezzo InLocation allows Stored XSS. This issue affects InLocation: from n/a through 1.8. | ||||
| CVE-2025-25168 | 1 Blackandwhitedigital | 1 Bookpress | 2025-02-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in blackandwhitedigital BookPress – For Book Authors allows Cross-Site Scripting (XSS). This issue affects BookPress – For Book Authors: from n/a through 1.2.7. | ||||
| CVE-2025-24742 | 1 Codecabin | 1 Wp Go Maps | 2025-02-12 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WP Go Maps (formerly WP Google Maps) WP Go Maps. This issue affects WP Go Maps: from n/a through 9.0.40. | ||||
| CVE-2024-13683 | 1 Sperse | 1 Automate Hub | 2025-02-12 | 4.3 Medium |
| The Automate Hub Free by Sperse.IO plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.0. This is due to missing or incorrect nonce validation on the 'automate_hub' page. This makes it possible for unauthenticated attackers to update an activation status via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2025-22768 | 2025-02-12 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Qwerty23 Rocket Media Library Mime Type allows Stored XSS. This issue affects Rocket Media Library Mime Type: from n/a through 2.1.0. | ||||
| CVE-2025-23745 | 2025-02-12 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Tussendoor internet & marketing Call me Now allows Stored XSS.This issue affects Call me Now: from n/a through 1.0.5. | ||||
| CVE-2025-23749 | 2025-02-12 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Mahdi Khaksar mybb Last Topics allows Stored XSS.This issue affects mybb Last Topics: from n/a through 1.0. | ||||
| CVE-2025-24714 | 2025-02-12 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Bubble Menu – circle floating menu allows Cross Site Request Forgery. This issue affects Bubble Menu – circle floating menu: from n/a through 4.0.2. | ||||
| CVE-2025-24738 | 2025-02-12 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in NowButtons.com Call Now Button allows Cross Site Request Forgery. This issue affects Call Now Button: from n/a through 1.4.13. | ||||
| CVE-2025-24756 | 2025-02-12 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in mgplugin Roi Calculator allows Stored XSS. This issue affects Roi Calculator: from n/a through 1.0. | ||||
| CVE-2025-24538 | 2025-02-12 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in slaFFik BuddyPress Groups Extras allows Cross Site Request Forgery. This issue affects BuddyPress Groups Extras: from n/a through 3.6.10. | ||||