Selection:
XSS CSRF Privilege Buffer Remote Stack
CVE ID Name Publish Date References
CVE-2025-0522

LikeBot – Decentralized like-system <= 0.85 - Admin+ Stored XSS via CSRF

 2025-02-06T06:00:04.828Z

LikeBot Unknown
CVE-2025-0610

CSRF in Akinsoft's QR Menu

 2025-09-01T12:44:34.614Z

QR Menü Akınsoft
CVE-2025-0687

Spiritual Gifts Survey <= 0.9.10 - Unauthenticated CSRF to XSS

 2025-05-15T20:07:25.468Z

Spiritual Gifts Survey (and optional S.H.A.P.E survey) Unknown
CVE-2025-0688

Spiritual Gifts Survey <= 0.9.10 - Unauthenticated CSRF to XSS

 2025-05-15T20:07:25.673Z

Spiritual Gifts Survey (and optional S.H.A.P.E survey) Unknown
CVE-2025-10759

Webkul QloApps CSRF Token authorization

 2025-09-21T01:02:06.341Z

QloApps Webkul
CVE-2025-12221

CSRF Token not Properly Implemented

 BLU-IC4 Azure Access Technology

BLU-IC2 Azure Access Technology
CVE-2025-12479

Systemic Lack of Cross-Site Request Forgery (CSRF) Token Implementation

 BLU-IC4 Azure Access Technology

BLU-IC2 Azure Access Technology
CVE-2025-1288

wooexim <= 5.0.0 - CSRF to Reflected XSS

 2025-05-15T20:07:26.315Z

WOOEXIM Unknown
CVE-2025-1362

easy-broken-link-checker <= 9.0.2 - Bulk Actions via CSRF

 2025-03-09T06:00:04.051Z

URL Shortener | Conversion Tracking | AB Testing | WooCommerce Unknown
CVE-2025-1382

Contact Us By Lord Linus <= 2.6 - Admin+ Stored XSS via CSRF

 2025-03-09T06:00:05.522Z

Contact Us By Lord Linus Unknown
CVE-2025-1436

Limit Bio <= 1.0 - Stored XSS via CSRF

 2025-03-13T06:00:07.220Z

Limit Bio Unknown
CVE-2025-1473

CSRF in mlflow/mlflow

 2025-03-20T10:10:20.747Z

mlflow/mlflow mlflow
CVE-2025-1762

Event Tickets with Ticket Scanner < 2.5.4 - Arbitrary Tickets Deletion via CSRF

 2025-03-28T06:00:03.726Z

Event Tickets with Ticket Scanner Unknown
CVE-2025-1926

Page Builder: Pagelayer – Drag and Drop website builder <= 1.9.8 - Cross-Site Request Forgery (CSRF) To Post Contents Modification

 2025-03-10T04:21:10.711Z

Page Builder: Pagelayer – Drag and Drop website builder softaculous
CVE-2025-20228

Maintenance mode state change of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF) in Splunk Enterprise

 Splunk Cloud Platform Splunk

Splunk Enterprise Splunk
CVE-2025-20321

Membership State Change in Splunk Search Head Cluster through a Cross-Site Request Forgery (CSRF) in Splunk Enterprise

 Splunk Enterprise Cloud Splunk

Splunk Enterprise Splunk
CVE-2025-20322

Denial of Service (DoS) in Search Head Cluster through Cross-Site Request Forgery (CSRF) in Splunk Enterprise

 Splunk Enterprise Cloud Splunk

Splunk Enterprise Splunk
CVE-2025-40915

Mojolicious::Plugin::CSRF 1.03 for Perl uses a weak random number source for generating CSRF tokens

 2025-06-11T17:09:50.664Z

Mojolicious::Plugin::CSRF GRYPHON
CVE-2025-41254

Spring Framework STOMP CSRF Vulnerability

 2025-10-16T14:48:37.350Z

Spring Framework VMware
CVE-2025-41661

Weidmueller: Security routers IE-SR-2TX are affected by CSRF

 IE-SR-2TX-WL-4G-EU Weidmueller

IE-SR-2TX-WL Weidmueller
CVE-2025-42908

Cross-Site Request Forgery (CSRF) vulnerability in SAP NetWeaver Application Server for ABAP

 2025-10-14T00:18:04.097Z

SAP NetWeaver Application Server for ABAP SAP_SE
CVE-2025-42923

Cross-Site Request Forgery (CSRF) vulnerability in SAP Fiori App (F4044 Manage Work Center Groups)

 2025-09-09T02:09:47.744Z

SAP Fiori App (F4044 Manage Work Center Groups) SAP_SE
CVE-2025-43835

WordPress wp-cyr-cho plugin <= 0.1 - Cross Site Request Forgery (CSRF) vulnerability

 2025-05-19T17:26:45.474Z

wp-cyr-cho ktsvetkov
CVE-2025-43840

WordPress CheckBot plugin <= 1.05 - CSRF to Stored XSS vulnerability

 2025-05-19T17:07:20.828Z

CheckBot Ref
CVE-2025-46231

WordPress affiliate-toolkit <= 3.7.3 - Cross Site Request Forgery (CSRF) Vulnerability

 2025-04-22T09:53:22.691Z

affiliate-toolkit SERVIT Software Solutions
CVE-2025-46241

WordPress Appointment Booking Calendar plugin <= 1.3.92 - CSRF to SQL Injection vulnerability

 2025-04-22T09:53:28.272Z

Appointment Booking Calendar codepeople
CVE-2025-46243

WordPress Recover abandoned cart for WooCommerce <= 2.2 - Cross Site Request Forgery (CSRF) Vulnerability

 2025-04-22T09:53:29.407Z

Recover abandoned cart for WooCommerce sonalsinha21
CVE-2025-46245

WordPress CM Ad Changer <= 2.0.5 - Cross Site Request Forgery (CSRF) Vulnerability

 2025-04-22T09:53:30.649Z

CM Ad Changer CreativeMindsSolutions
CVE-2025-46246

WordPress CM Answers <= 3.3.3 - Cross Site Request Forgery (CSRF) Vulnerability

 2025-04-22T09:53:31.292Z

CM Answers CreativeMindsSolutions
CVE-2025-46249

WordPress Simple calendar for Elementor <= 1.6.4 - Cross Site Request Forgery (CSRF) Vulnerability

 2025-04-22T09:53:32.446Z

Simple calendar for Elementor Michael
CVE-2025-46251

WordPress VikRestaurants Table Reservations and Take-Away plugin <= 1.3.3 - CSRF to Stored XSS vulnerability

 2025-04-22T09:53:33.910Z

VikRestaurants Table Reservations and Take-Away e4jvikwp
CVE-2025-46257

WordPress Element Pack Pro Plugin < 8.0.0 - Cross Site Request Forgery (CSRF) vulnerability

 2025-06-05T17:35:20.616Z

Element Pack Pro BdThemes
CVE-2025-46435

WordPress Time Based Greeting plugin <= 2.2.2 - CSRF to Stored XSS vulnerability

 2025-04-24T16:08:42.077Z

Time Based Greeting Yash Binani
CVE-2025-46436

WordPress SCSS-Library <= 0.4.1 - Cross Site Request Forgery (CSRF) Vulnerability

 2025-04-24T16:08:43.210Z

SCSS-Library Sebastian Echeverry
CVE-2025-46439

WordPress Plugin Central plugin <= 2.5.1 - CSRF to Arbitrary File Deletion vulnerability

 2025-04-24T16:08:42.652Z

Plugin Central Vladimir Prelovac
CVE-2025-46442

WordPress Loan Calculator plugin <= 1.3 - CSRF to Stored XSS vulnerability

 2025-04-24T16:09:18.296Z

Loan Calculator Casey Johnson
CVE-2025-46450

WordPress occupancyplan plugin <= 1.0.3.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability

 2025-04-24T16:08:44.315Z

occupancyplan x000x
CVE-2025-46452

WordPress Google News plugin <= 2.5.1 - CSRF to Stored XSS vulnerability

 2025-04-24T16:08:44.886Z

Google News Olav Kolbu
CVE-2025-46457

WordPress Wp Custom CMS Block plugin <= 2.1 - CSRF to Stored XSS vulnerability

 2025-04-24T16:09:07.315Z

Wp Custom CMS Block digontoahsan
CVE-2025-46458

WordPress occupancyplan plugin <= 1.0.3.0 - CSRF to SQL Injection vulnerability

 2025-05-23T12:43:44.578Z

occupancyplan x000x
CVE-2025-46462

WordPress WPVN <= 0.7.8 - Cross Site Request Forgery (CSRF) Vulnerability

 2025-04-24T16:08:45.464Z

WPVN Trân Minh-Quân
CVE-2025-46465

WordPress Print Science Designer plugin <= 1.3.155 - CSRF to Stored XSS vulnerability

 2025-04-24T16:08:46.067Z

Print Science Designer John Weissberg
CVE-2025-46466

WordPress Modern Polls plugin <= 1.0.10 - CSRF to Stored XSS vulnerability

 2025-04-24T16:08:46.654Z

Modern Polls felixtz
CVE-2025-46492

WordPress Call Now PHT Blog plugin <= 2.4.1 - CSRF to XSS vulnerability

 2025-04-24T16:08:50.656Z

Call Now PHT Blog Pham Thanh
CVE-2025-46495

WordPress Drop Caps plugin <= 2.1 - CSRF to XSS vulnerability

 2025-04-24T16:08:51.253Z

Drop Caps tomontoast
CVE-2025-46497

WordPress Navegg Analytics plugin <= 3.3.3 - Cross Site Request Forgery (CSRF) vulnerability

 2025-04-24T16:08:51.811Z

Navegg Analytics Navegg
CVE-2025-46498

WordPress Zalo Official Live Chat <= 1.0.0 - Cross Site Request Forgery (CSRF) Vulnerability

 2025-04-24T16:09:27.592Z

Zalo Official Live Chat nghialuu
CVE-2025-46499

WordPress PayPal Express Checkout plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerability

 2025-04-24T16:08:52.364Z

PayPal Express Checkout hccoder
CVE-2025-46502

WordPress LSD Custom taxonomy and category meta plugin <= 1.3.2 - CSRF to XSS vulnerability

 2025-04-24T16:08:53.027Z

LSD Custom taxonomy and category meta Bas Matthee
CVE-2025-46504

WordPress Vasaio QR Code plugin <= 1.2.5 - CSRF to XSS vulnerability

 2025-04-24T16:08:53.617Z

Vasaio QR Code Olar Marius

Page created:

CVE year by year statistics.

CVE year statistics by common vulnerability domain.

Latest data from: 2025-11-11