Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-19 | CVE-2024-13336 | The Disable Auto Updates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. | 4.3 |
| 2025-02-19 | CVE-2024-13339 | Cross-Site Request Forgery (CSRF) vulnerability in Debounce Email Validator The DeBounce Email Validator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.6.6. | 5.4 |
| 2025-02-19 | CVE-2024-13405 | The Apptivo Business Site CRM plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.3. | 4.3 |
| 2025-02-19 | CVE-2025-0865 | The WP Media Category Management plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.0 to 2.3.3. | 6.5 |
| 2025-02-19 | CVE-2025-1441 | Cross-Site Request Forgery (CSRF) vulnerability in Royal-Elementor-Addons Royal Elementor Addons The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.1007. | 8.8 |
| 2025-02-18 | CVE-2024-13718 | Cross-Site Request Forgery (CSRF) vulnerability in Wpdesk Flexible Wishlist for Woocommerce The Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.26. | 4.3 |
| 2025-02-18 | CVE-2024-13795 | Cross-Site Request Forgery (CSRF) vulnerability in Lightspeedhq Ecwid Ecommerce Shopping Cart The Ecwid by Lightspeed Ecommerce Shopping Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.12.27. | 4.3 |
| 2025-02-18 | CVE-2024-13523 | Cross-Site Request Forgery (CSRF) vulnerability in Shenyanzhi Memorialday The MemorialDay plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.4. | 5.4 |
| 2025-02-18 | CVE-2024-13315 | Cross-Site Request Forgery (CSRF) vulnerability in Shopwarden The Shopwarden – Automated WooCommerce monitoring & testing plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.11. | 8.8 |
| 2025-02-18 | CVE-2024-13438 | Cross-Site Request Forgery (CSRF) vulnerability in Speedsize Image & Video Ai-Optimizer The SpeedSize Image & Video AI-Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.1. | 4.3 |