Total
9090 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-22355 | 2 Gregmolnar, Wordpress | 2 Simple Xml Sitemap, Wordpress | 2026-04-01 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in gregmolnar Simple XML Sitemap simple-xml-sitemap allows Stored XSS.This issue affects Simple XML Sitemap: from n/a through <= 1.3. | ||||
| CVE-2025-69021 | 2 Ays-pro, Wordpress | 2 Popup Box, Wordpress | 2026-04-01 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Popup box ays-popup-box allows Cross Site Request Forgery.This issue affects Popup box: from n/a through <= 6.0.7. | ||||
| CVE-2025-68998 | 2 Heateor, Wordpress | 2 Social Login, Wordpress | 2026-04-01 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Heateor Support Heateor Social Login heateor-social-login allows Cross Site Request Forgery.This issue affects Heateor Social Login: from n/a through <= 1.1.39. | ||||
| CVE-2025-68584 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Constantin Boiangiu Vimeotheque codeflavors-vimeo-video-post-lite allows Cross Site Request Forgery.This issue affects Vimeotheque: from n/a through <= 2.3.5.2. | ||||
| CVE-2025-68583 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Tikweb Management Fast User Switching fast-user-switching allows Cross Site Request Forgery.This issue affects Fast User Switching: from n/a through <= 1.4.10. | ||||
| CVE-2025-68580 | 2 Pluginsware, Wordpress | 2 Advanced Classifieds & Directory Pro, Wordpress | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in pluginsware Advanced Classifieds & Directory Pro advanced-classifieds-and-directory-pro allows Cross Site Request Forgery.This issue affects Advanced Classifieds & Directory Pro: from n/a through <= 3.2.9. | ||||
| CVE-2025-68573 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi Simple Keyword to Link simple-keyword-to-link allows Cross Site Request Forgery.This issue affects Simple Keyword to Link: from n/a through <= 1.5. | ||||
| CVE-2025-68529 | 2 Rhys Wynne, Wordpress | 2 Wp Email Capture, Wordpress | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Rhys Wynne WP Email Capture wp-email-capture allows Cross Site Request Forgery.This issue affects WP Email Capture: from n/a through <= 3.12.5. | ||||
| CVE-2025-68083 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Meks Meks Quick Plugin Disabler meks-quick-plugin-disabler allows Cross Site Request Forgery.This issue affects Meks Quick Plugin Disabler: from n/a through <= 1.0. | ||||
| CVE-2025-68082 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in SEMrush CY LTD Semrush Content Toolkit semrush-contentshake allows Cross Site Request Forgery.This issue affects Semrush Content Toolkit: from n/a through <= 1.1.32. | ||||
| CVE-2025-67626 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Angel Costa WP SEO Search wp-seo-search allows Cross Site Request Forgery.This issue affects WP SEO Search: from n/a through <= 1.1. | ||||
| CVE-2025-67625 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in tmtraderunner Trade Runner traderunner allows Cross Site Request Forgery.This issue affects Trade Runner: from n/a through <= 3.14. | ||||
| CVE-2025-67622 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in titopandub Evergreen Post Tweeter evergreen-post-tweeter allows Stored XSS.This issue affects Evergreen Post Tweeter: from n/a through <= 1.8.9. | ||||
| CVE-2025-67598 | 2 Supportcandy, Wordpress | 2 Supportcandy, Wordpress | 2026-04-01 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in PSM Plugins SupportCandy supportcandy allows Cross Site Request Forgery.This issue affects SupportCandy: from n/a through <= 3.4.1. | ||||
| CVE-2025-67596 | 2 Strategy11, Wordpress | 2 Business Directory Plugin, Wordpress | 2026-04-01 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Cross Site Request Forgery.This issue affects Business Directory: from n/a through <= 6.4.19. | ||||
| CVE-2025-67595 | 2 Ays-pro, Wordpress | 2 Quiz Maker, Wordpress | 2026-04-01 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affects Quiz Maker: from n/a through <= 6.7.0.82. | ||||
| CVE-2025-67593 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Stiofan UsersWP userswp allows Cross Site Request Forgery.This issue affects UsersWP: from n/a through <= 1.2.48. | ||||
| CVE-2025-67591 | 2 Jnews, Wordpress | 2 Jnews, Wordpress | 2026-04-01 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in jegtheme JNews Paywall jnews-paywall allows Cross Site Request Forgery.This issue affects JNews Paywall: from n/a through < 12.0.1. | ||||
| CVE-2025-67590 | 2 Rustaurius, Wordpress | 2 Ultimate Faq, Wordpress | 2026-04-01 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Rustaurius Ultimate FAQ ultimate-faqs allows Cross Site Request Forgery.This issue affects Ultimate FAQ: from n/a through <= 2.4.3. | ||||
| CVE-2025-67534 | 1 Wordpress | 1 Wordpress | 2026-04-01 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Jacques Malgrange Rencontre rencontre allows Stored XSS.This issue affects Rencontre: from n/a through <= 3.13.7. | ||||