Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-03 | CVE-2025-4198 | The Alink Tap plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.1. | 6.1 |
| 2025-05-03 | CVE-2025-4199 | The Abundatrade Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.02. | 6.1 |
| 2025-05-02 | CVE-2024-11142 | Cross-Site Request Forgery (CSRF) vulnerability in Proticaret Cross-Site Request Forgery (CSRF) vulnerability in Gosoft Software Proticaret E-Commerce allows Cross Site Request Forgery.This issue affects Proticaret E-Commerce: before v6.0 NOTE: According to the vendor, fixing process is still ongoing for v4.05. | 8.8 |
| 2025-05-01 | CVE-2025-1305 | Cross-Site Request Forgery (CSRF) vulnerability in Spicethemes Newsblogger The NewsBlogger theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2.5.4. | 8.8 |
| 2025-05-01 | CVE-2025-2168 | Cross-Site Request Forgery (CSRF) vulnerability in Bdthemes Ultimate Store KIT The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.4.1. | 4.3 |
| 2025-04-27 | CVE-2025-3979 | Cross-Site Request Forgery (CSRF) vulnerability in Lecms 3.0.3 A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. | 6.5 |
| 2025-04-22 | CVE-2025-31328 | SAP Learning Solution is vulnerable to Cross-Site Request Forgery (CSRF), allowing an attacker to trick authenticated user into sending unintended requests to the server. | 4.6 |
| 2025-04-22 | CVE-2025-46231 | Cross-Site Request Forgery (CSRF) vulnerability in Servit Affiliate-Toolkit Cross-Site Request Forgery (CSRF) vulnerability in SERVIT Software Solutions affiliate-toolkit allows Cross Site Request Forgery. | 8.8 |
| 2025-04-22 | CVE-2025-46241 | Cross-Site Request Forgery (CSRF) vulnerability in Codepeople Appointment Booking Calendar Cross-Site Request Forgery (CSRF) vulnerability in codepeople Appointment Booking Calendar allows SQL Injection. | 8.8 |
| 2025-04-22 | CVE-2025-46243 | Cross-Site Request Forgery (CSRF) vulnerability in Sktthemes Recover Abandoned Cart for Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in sonalsinha21 Recover abandoned cart for WooCommerce allows Cross Site Request Forgery. | 8.8 |