Export limit exceeded: 10096 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10096 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47468 | 1 Hashthemes | 1 Hash Form | 2026-04-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in hashthemes Hash Form hash-form allows Cross Site Request Forgery.This issue affects Hash Form: from n/a through <= 1.2.8. | ||||
| CVE-2025-47466 | 2026-04-23 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Cross Site Request Forgery.This issue affects Ultimate WP Mail: from n/a through <= 1.3.4. | ||||
| CVE-2025-47462 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in WebAppick Challan webappick-pdf-invoice-for-woocommerce allows Privilege Escalation.This issue affects Challan: from n/a through <= 3.7.58. | ||||
| CVE-2025-47459 | 2026-04-23 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Roxnor FundEngine wp-fundraising-donation allows Cross Site Request Forgery.This issue affects FundEngine: from n/a through <= 1.7.3. | ||||
| CVE-2025-47451 | 2026-04-23 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in silverplugins217 Product Quantity Dropdown For Woocommerce product-quantity-dropdown-for-woocommerce allows Cross Site Request Forgery.This issue affects Product Quantity Dropdown For Woocommerce: from n/a through <= 1.2. | ||||
| CVE-2025-47448 | 1 Thimpress | 1 Wp Hotel Booking | 2026-04-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows Cross Site Request Forgery.This issue affects WP Hotel Booking: from n/a through <= 2.1.9. | ||||
| CVE-2025-47447 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Hossni Mubarak Cool Author Box hm-cool-author-box-widget allows Cross Site Request Forgery.This issue affects Cool Author Box: from n/a through <= 3.0.0. | ||||
| CVE-2025-47446 | 1 Listamester | 1 Listamester | 2026-04-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in listamester Listamester listamester allows Cross Site Request Forgery.This issue affects Listamester: from n/a through <= 2.3.6. | ||||
| CVE-2025-46530 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in HuangYe WuDeng Hacklog Remote Attachment hacklog-remote-attachment allows Stored XSS.This issue affects Hacklog Remote Attachment: from n/a through <= 1.3.2. | ||||
| CVE-2025-46528 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Steve Availability Calendar availability allows Stored XSS.This issue affects Availability Calendar: from n/a through <= 0.2.4. | ||||
| CVE-2025-46524 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in stesvis WP Filter Post Category wp-filter-post-categories allows Stored XSS.This issue affects WP Filter Post Category: from n/a through <= 2.1.4. | ||||
| CVE-2025-46522 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Billy Bryant Tabs gt-tabs allows Stored XSS.This issue affects Tabs: from n/a through <= 4.0.3. | ||||
| CVE-2025-46520 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in alphasis Related Posts via Taxonomies related-posts-via-taxonomies allows Stored XSS.This issue affects Related Posts via Taxonomies: from n/a through <= 1.0.1. | ||||
| CVE-2025-46516 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in silencecm Twitter Card Generator twitter-card-generator allows Stored XSS.This issue affects Twitter Card Generator: from n/a through <= 1.0.5. | ||||
| CVE-2025-46514 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in milat Milat jQuery Automatic Popup milat-jquery-automatic-popup allows Stored XSS.This issue affects Milat jQuery Automatic Popup: from n/a through <= 1.3.1. | ||||
| CVE-2025-46513 | 2 Codebangers, Wordpress | 2 All In One Time Clock Lite, Wordpress | 2026-04-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Codebangers All in One Time Clock Lite aio-time-clock-lite allows Cross Site Request Forgery.This issue affects All in One Time Clock Lite: from n/a through < 1.3.326. | ||||
| CVE-2025-46512 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Shamim Hasan Custom Functions Plugin custom-functions allows Stored XSS.This issue affects Custom Functions Plugin: from n/a through <= 1.1. | ||||
| CVE-2025-46510 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in harrysudana Contact Form 7 Calendar cf7-calendar allows Stored XSS.This issue affects Contact Form 7 Calendar: from n/a through <= 3.0.1. | ||||
| CVE-2025-46508 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in kasonzhao Advanced lazy load advanced-lazy-load allows Stored XSS.This issue affects Advanced lazy load: from n/a through <= 1.6.0. | ||||
| CVE-2025-46507 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in ldrumm Unsafe Mimetypes unsafe-mimetypes allows Stored XSS.This issue affects Unsafe Mimetypes: from n/a through <= 0.1.4. | ||||