| 2025-03-20 | CVE-2024-8736 | Cross-Site Request Forgery (CSRF) vulnerability in Lollms web UI 12
A Denial of Service (DoS) vulnerability exists in multiple file upload endpoints of parisneo/lollms-webui version V12 (Strawberry). | 6.5 |
| 2025-03-20 | CVE-2024-9311 | Cross-Site Request Forgery (CSRF) vulnerability in Hliu Large Language and Vision Assistant 1.2.0
A Cross-Site Request Forgery (CSRF) vulnerability in haotian-liu/llava v1.2.0 (LLaVA-1.6) allows an attacker to upload files with malicious content without authentication or user interaction. | 6.1 |
| 2025-03-20 | CVE-2025-1314 | The Custom Twitter Feeds – A Tweets Widget or X Feed Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.5. | 4.3 |
| 2025-03-19 | CVE-2024-13933 | The FoodBakery | Delivery Restaurant Directory WordPress Theme theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.7. | 8.8 |
| 2025-03-15 | CVE-2025-1530 | Cross-Site Request Forgery (CSRF) vulnerability in Tripetto
The Tripetto plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.0.9. | 4.3 |
| 2025-03-14 | CVE-2024-13913 | The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.1.0.83. | 8.8 |
| 2025-03-14 | CVE-2025-1764 | The LoginPress | wp-login Custom Login Page Customizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.3.1. | 7.5 |
| 2025-03-11 | CVE-2025-28856 | Cross-Site Request Forgery (CSRF) vulnerability in W3Counter
Cross-Site Request Forgery (CSRF) vulnerability in dangrossman W3Counter Free Real-Time Web Stats allows Cross Site Request Forgery. | 8.8 |
| 2025-03-11 | CVE-2025-28857 | Cross-Site Request Forgery (CSRF) vulnerability in Rankchecker
Cross-Site Request Forgery (CSRF) vulnerability in rankchecker Rankchecker.io Integration allows Stored XSS. | 6.1 |
| 2025-03-11 | CVE-2025-28859 | Cross-Site Request Forgery (CSRF) vulnerability in Codevibrant Maintenance Notice
Cross-Site Request Forgery (CSRF) vulnerability in CodeVibrant Maintenance Notice allows Cross Site Request Forgery. | 8.8 |