Vulnerabilities > Cross-Site Request Forgery (CSRF)

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-25 | CVE-2024-13710 | The Estatebud – Properties & Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.5.0. | network, low complexity, CWE-352, 4.3 |
| 2025-03-25 | CVE-2025-2319 | The EZ SQL Reports Shortcode Widget and DB Backup plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 4.11.13 to 5.25.08. | network, low complexity, CWE-352, 8.8 |
| 2025-03-25 | CVE-2025-1320 | The teachPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.0.9. | network, low complexity, CWE-352, 4.3 |
| 2025-03-22 | CVE-2024-13768 | The CITS Support svg, webp Media and TTF,OTF File Upload, Use Custom Fonts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. | network, low complexity, CWE-352, 4.3 |
| 2025-03-22 | CVE-2025-0807 | The CITS Support svg, webp Media and TTF,OTF File Upload, Use Custom Fonts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. | network, low complexity, CWE-352, 4.3 |
| 2025-03-20 | CVE-2025-1314 | The Custom Twitter Feeds – A Tweets Widget or X Feed Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.5. | network, low complexity, CWE-352, 4.3 |
| 2025-03-19 | CVE-2024-13933 | The FoodBakery \| Delivery Restaurant Directory WordPress Theme theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.7. | network, low complexity, CWE-352, 8.8 |
| 2025-03-15 | CVE-2025-1530 | Cross-Site Request Forgery (CSRF) vulnerability in Tripetto. The Tripetto plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.0.9. | network, low complexity, tripetto, CWE-352, 4.3 |
| 2025-03-14 | CVE-2024-13913 | The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.1.0.83. | network, low complexity, CWE-352, 8.8 |
| 2025-03-14 | CVE-2025-1764 | The LoginPress \| wp-login Custom Login Page Customizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.3.1. | network, high complexity, CWE-352, 7.5 |