Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-19 | CVE-2025-0865 | Cross-Site Request Forgery (CSRF) vulnerability in De-Baat WP Media Category Management The WP Media Category Management plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.0 to 2.3.3. | 6.5 |
| 2025-02-19 | CVE-2025-1441 | Cross-Site Request Forgery (CSRF) vulnerability in Royal-Elementor-Addons Royal Elementor Addons The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.1007. | 8.8 |
| 2025-02-18 | CVE-2024-13718 | Cross-Site Request Forgery (CSRF) vulnerability in Wpdesk Flexible Wishlist for Woocommerce The Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.26. | 4.3 |
| 2025-02-18 | CVE-2024-13795 | Cross-Site Request Forgery (CSRF) vulnerability in Lightspeedhq Ecwid Ecommerce Shopping Cart The Ecwid by Lightspeed Ecommerce Shopping Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.12.27. | 4.3 |
| 2025-02-18 | CVE-2024-13523 | Cross-Site Request Forgery (CSRF) vulnerability in Shenyanzhi Memorialday The MemorialDay plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.4. | 5.4 |
| 2025-02-18 | CVE-2024-13315 | Cross-Site Request Forgery (CSRF) vulnerability in Shopwarden The Shopwarden – Automated WooCommerce monitoring & testing plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.11. | 8.8 |
| 2025-02-18 | CVE-2024-13438 | Cross-Site Request Forgery (CSRF) vulnerability in Speedsize Image & Video Ai-Optimizer The SpeedSize Image & Video AI-Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.1. | 4.3 |
| 2025-02-18 | CVE-2024-13522 | Cross-Site Request Forgery (CSRF) vulnerability in Magayo Lottery Results The magayo Lottery Results plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.12. | 5.4 |
| 2025-02-18 | CVE-2024-13555 | Cross-Site Request Forgery (CSRF) vulnerability in 1Clickmigration 1 Click Migration The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1. | 4.3 |
| 2025-02-18 | CVE-2024-13684 | Cross-Site Request Forgery (CSRF) vulnerability in Smartzminds Reset The Reset plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6. | 8.1 |