Total
8700 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-24696 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WP Attire Attire Blocks allows Cross Site Request Forgery. This issue affects Attire Blocks: from n/a through 1.9.6. | |||||
| CVE-2025-24647 | 2025-01-24 | N/A | 5.4 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in datafeedr.com WooCommerce Cloak Affiliate Links allows Cross Site Request Forgery. This issue affects WooCommerce Cloak Affiliate Links: from n/a through 1.0.35. | |||||
| CVE-2025-24636 | 2025-01-24 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Laymance Technologies LLC MachForm Shortcode allows Stored XSS. This issue affects MachForm Shortcode: from n/a through 1.4.1. | |||||
| CVE-2025-24623 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Security Really Simple SSL allows Cross Site Request Forgery. This issue affects Really Simple SSL: from n/a through 9.1.4. | |||||
| CVE-2025-24622 | 2025-01-24 | N/A | 5.4 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in PickPlugins Job Board Manager allows Cross Site Request Forgery. This issue affects Job Board Manager: from n/a through 2.1.59. | |||||
| CVE-2025-24572 | 2025-01-24 | N/A | 6.5 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast Total Search allows Cross Site Request Forgery. This issue affects WP Fast Total Search: from n/a through 1.78.258. | |||||
| CVE-2025-24568 | 2025-01-24 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Starter Templates allows Cross Site Request Forgery. This issue affects Starter Templates: from n/a through 4.4.9. | |||||
| CVE-2025-24562 | 2025-01-24 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Optimal Access Inc. KBucket allows Stored XSS. This issue affects KBucket: from n/a through 4.1.6. | |||||
| CVE-2025-24561 | 2025-01-24 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ReviewsTap ReviewsTap allows Stored XSS. This issue affects ReviewsTap: from n/a through 1.1.2. | |||||
| CVE-2025-24555 | 2025-01-24 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in SubscriptionDNA.com Subscription DNA allows Stored XSS. This issue affects Subscription DNA: from n/a through 2.1. | |||||
| CVE-2023-32991 | 1 Jenkins | 1 Saml Single Sign On | 2025-01-23 | N/A | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML. | |||||
| CVE-2023-32989 | 1 Jenkins | 1 Azure Vm Agents | 2025-01-23 | N/A | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method. | |||||
| CVE-2023-32995 | 1 Jenkins | 1 Saml Single Sign On | 2025-01-23 | N/A | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails. | |||||
| CVE-2023-50886 | 1 Wpwax | 1 Legal Pages | 2025-01-23 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF), Incorrect Authorization vulnerability in wpWax Legal Pages.This issue affects Legal Pages: from n/a through 1.3.7. | |||||
| CVE-2023-50861 | 1 Pluginus | 1 Husky - Products Filter Professional For Woocommerce | 2025-01-23 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in realmag777 HUSKY – Products Filter for WooCommerce (formerly WOOF).This issue affects HUSKY – Products Filter for WooCommerce (formerly WOOF): from n/a through 1.3.4.3. | |||||
| CVE-2024-25982 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2025-01-23 | N/A | 4.3 MEDIUM |
| The link to update all installed language packs did not include the necessary token to prevent a CSRF risk. | |||||
| CVE-2025-22768 | 2025-01-23 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Qwerty23 Rocket Media Library Mime Type allows Stored XSS. This issue affects Rocket Media Library Mime Type: from n/a through 2.1.0. | |||||
| CVE-2023-33006 | 1 Jenkins | 1 Wso2 Oauth | 2025-01-23 | N/A | 5.4 MEDIUM |
| A cross-site request forgery (CSRF) vulnerability in Jenkins WSO2 Oauth Plugin 1.0 and earlier allows attackers to trick users into logging in to the attacker's account. | |||||
| CVE-2023-33003 | 1 Jenkins | 1 Tag Profiler | 2025-01-23 | N/A | 4.3 MEDIUM |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers to reset profiler statistics. | |||||
| CVE-2023-32998 | 1 Jenkins | 1 Appspider | 2025-01-23 | N/A | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials. | |||||