Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2025-03-02 CVE-2025-1813 Cross-Site Request Forgery (CSRF) vulnerability in Zframeworks ZZ
A vulnerability classified as problematic was found in zj1983 zz up to 2024-08.
network
low complexity
zframeworks CWE-352
6.5
2025-03-01 CVE-2024-13518 The Simple:Press Forum plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.10.11.
network
low complexity
CWE-352
4.3
2025-02-28 CVE-2025-1506 Cross-Site Request Forgery (CSRF) vulnerability in Wpmet WP Social Login and Register Social Counter
The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.0.
network
low complexity
wpmet CWE-352
4.3
2025-02-28 CVE-2025-0801 Cross-Site Request Forgery (CSRF) vulnerability in Ratemyagent
The RateMyAgent Official plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.0.
network
low complexity
ratemyagent CWE-352
4.3
2025-02-28 CVE-2025-1687 The Cardealer theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.4.
network
low complexity
CWE-352
8.8
2025-02-27 CVE-2024-13647 Cross-Site Request Forgery (CSRF) vulnerability in Themesawesome Sakolawp
The School Management System – SakolaWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.8.
network
low complexity
themesawesome CWE-352
4.3
2025-02-26 CVE-2024-13560 The Subscriptions & Memberships for PayPal plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.6.
network
low complexity
CWE-352
4.3
2025-02-25 CVE-2025-26963 Cross-Site Request Forgery (CSRF) vulnerability in Flowdee Clickwhale
Cross-Site Request Forgery (CSRF) vulnerability in flowdee ClickWhale allows Cross Site Request Forgery.
network
low complexity
flowdee CWE-352
8.8
2025-02-25 CVE-2024-13494 Cross-Site Request Forgery (CSRF) vulnerability in Iptanus Wordpress File Upload
The WordPress File Upload plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.25.2.
network
low complexity
iptanus CWE-352
4.3
2025-02-21 CVE-2024-13883 Cross-Site Request Forgery (CSRF) vulnerability in Victorfreitas Wpupper Share Buttons
The WPUpper Share Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.51.
network
low complexity
victorfreitas CWE-352
4.3