Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-28 | CVE-2025-0801 | Cross-Site Request Forgery (CSRF) vulnerability in Ratemyagent The RateMyAgent Official plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.0. | 4.3 |
| 2025-02-28 | CVE-2025-1687 | The Cardealer theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.4. | 8.8 |
| 2025-02-27 | CVE-2024-13647 | Cross-Site Request Forgery (CSRF) vulnerability in Themesawesome Sakolawp The School Management System – SakolaWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.8. | 4.3 |
| 2025-02-26 | CVE-2024-13560 | The Subscriptions & Memberships for PayPal plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.6. | 4.3 |
| 2025-02-25 | CVE-2024-13494 | Cross-Site Request Forgery (CSRF) vulnerability in Iptanus Wordpress File Upload The WordPress File Upload plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.25.2. | 4.3 |
| 2025-02-21 | CVE-2024-13883 | Cross-Site Request Forgery (CSRF) vulnerability in Victorfreitas Wpupper Share Buttons The WPUpper Share Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.51. | 4.3 |
| 2025-02-20 | CVE-2024-49779 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Openpages With Watson 9.0 IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages could allow a remote attacker to bypass security restrictions, caused by improper validation and management of authentication cookies. | 8.8 |
| 2025-02-20 | CVE-2024-13753 | Cross-Site Request Forgery (CSRF) vulnerability in Webcodingplace Ultimate Classified Listings The Ultimate Classified Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. | 8.8 |
| 2025-02-19 | CVE-2024-13336 | Cross-Site Request Forgery (CSRF) vulnerability in Exeebit Disable Auto Updates The Disable Auto Updates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. | 4.3 |
| 2025-02-19 | CVE-2024-13339 | Cross-Site Request Forgery (CSRF) vulnerability in Debounce Email Validator The DeBounce Email Validator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.6.6. | 5.4 |