WP CSRF DEC 2024
WP Cross-Site Request Forgery
Tailored Woo/WP Security Report
Be informed about the latest WP Cross-Site Request Forgery, identified and reported publicly. As these WP CSRF DEC 2024 vulnerabilities have a severe negative impact on any WordPress Security, consider our security audit.
It is a +239% INCREASE compared to previous month, as specifically targeted Cross-Site Request Forgeries. Consider for your online safety, a tailored WP/Woo Security AUDIT, - OR - switching with a TOP10LIST alternative WP Security Plugin - OR - Hire professionals for tailored WP Security.
WHO needs tailored WP security? EVERYBODY!
Today's reality needs a Web Application Firewall (WAF) plus an Intrusion Prevention System (IPS) to mitigate "gazillion" different threats in your WordPress. Get your WP Cross-Site Request Forgery Patch Management.
The following cases made headlines PUBLICLY in the WP CSRF DEC 2024 & WP Cross-Site Request Forgery category:
| Addressbook | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Admin SMS Alert | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Advanced PDF Generator | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Advanced What should we write next about | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Ahmeti Wp Güzel Sözler | Cross-Site Request Forgery (CSRF) |
| Alphabetical List | Settings Update (BAC) from Cross-Site Request Forgery (CSRF) |
| Amazon Associate Filter | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| APK Downloader | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Appointmind | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| April's Call Posts | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| ArCa Payment Gateway | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Blizzard Quotes | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Build App Online | Cross-Site Request Forgery (CSRF) |
| Buying Buddy IDX CRM | Cross-Site Request Forgery (CSRF) to PHP Object Injection (BAC) |
| CM Table Of Contents – WordPress TOC Plugin | Settings Reset (BAC) from Cross-Site Request Forgery (CSRF) |
| CM Table Of Contents – WordPress TOC Plugin | Cross-Site Scripting (XSS) from Cross-Site Request Forgery (CSRF) |
| Contact Form by WPForms | Cross-Site Request Forgery (CSRF) to Plugin's Log Deletion (BAC) |
| Contact Forms by Cimatti | Cross-Site Request Forgery (CSRF) from process_bulk_action Function |
| Continue Shopping From Cart | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| CultBooking Hotel Booking Engine | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Custom Author URL | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Custom Post Type to Map Store | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Custom Shortcode Sidebars | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| DancePress (TRWA) | Cross-Site Request Forgery (CSRF) |
| Disable Admin Notices individually | Cross-Site Request Forgery (CSRF) |
| Document & Data Automation | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Donate Me | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Dynamic Widgets | Cross-Site Request Forgery (CSRF) |
| e-shops | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| eDoc Easy Tables | Cross-Site Request Forgery (CSRF) to SQL Injection (SQLi) |
| EleForms | Cross-Site Request Forgery (CSRF) |
| Essential Breadcrumbs | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Exclusive Content Password Protect | Cross-Site Request Forgery (CSRF) to Arbitrary File Upload (BAC) |
| FastBook – Responsive Appointment Booking and Scheduling System | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Favicon My Blog | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Featured Posts Scroll | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Fence URL | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Flash Show And Hide Box | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Footer Flyout Widget | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| FraudLabs Pro SMS Verification | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Friendly Functions for Welcart | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| GMO Social Connection | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Google Plus Share and +1 Button | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Hacklog DownloadManager | Cross-Site Request Forgery (CSRF) to Arbitrary File Upload (BAC) |
| Hebrew Date | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Hotlink2Watermark | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| IceStats | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Idealien Category Enhancements | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| iPhone Webclip Manager | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| ITERAS | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Jobify - Job Board WordPress Theme | Cross-Site Request Forgery (CSRF) |
| Kevin's | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Kognetiks Chatbot for WordPress | Cross-Site Request Forgery (CSRF) to Assistant Modification (BAC) |
| LinkLaunder SEO | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Load More Posts | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Manage User Columns | Cross-Site Request Forgery (CSRF) |
| MDR Webmaster Tools | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Mins To Read | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Mobilize | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Multi Feed Reader | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Naver Blog | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Out Of Stock Badge | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| PayPal Responder | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Photo Video Store | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Platform.ly Official | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Post From Frontend | Post Deletion (BAC) from Cross-Site Request Forgery (CSRF) |
| Post Hits Counter | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Post Ideas | Cross-Site Request Forgery (CSRF) to SQL Injection (SQLi) |
| Protect Your Content | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Random Featured Post | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| RealtyCandy IDX Broker Extended | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Responsive Flickr Gallery | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| RingCentral Communications | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Seo Free | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| SH Slideshow | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Silverlight Video Player | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Simple Header and Footer | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Simple Page Specific Sidebars | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Simple Travel Map | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| SK WP Settings Backup | Cross-Site Request Forgery (CSRF) to PHP Object Injection (BAC) |
| Skip To | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Skt NURCaptcha | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Sky Addons for Elementor | Cross-Site Request Forgery (CSRF) to Arbitrary Options Update (BAC) |
| SmartLink Dynamic URLs | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| SpatialMatch IDX | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Sticky Social Bar | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| ThemeFuse Maintenance Mode | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Third Party Cookie Eraser | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Twitter @Anywhere Plus | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| UPDATE NOTIFICATIONS | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| W3P SEO | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| W3SPEEDSTER | Cross-Site Request Forgery (CSRF) |
| Webriti Custom Login | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| While Loading | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| WIP Incoming Lite | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| WooCommerce Report | Cross-Site Request Forgery (CSRF) to Arbitrary Options Update (BAC) |
| wp auto top | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| WP Course Manager | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| WP Popup Window Maker | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| WP Revisions Manager | Cross-Site Request Forgery (CSRF) |
| WP-ISPConfig 3 | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| WP-Orphanage Extended | Cross-Site Request Forgery (CSRF) to Orphan Account Privilege Escalation (BAC) |
| Yahoo! WebPlayer | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| yPHPlista | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Zajax – Ajax Navigation | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| WordPress CSRF & Cross-Site Request Forgery reported in 2023: | 949 |
| WordPress CSRF & Cross-Site Request Forgery reported in 2024: | 766 |
WHO needs tailored WP Maintenance? EVERYBODY!
Today’s reality requires daily clean-ups with database optimisations, weekly updates and upgrades for both free & premium modules, plus the occasional emergency changes when critical vulnerabilities are publicly disclosed without patches. Order WP Cross-Site Request Forgery Patch Management.
Security is not a single-task job
Need tailored WP Security and got no clue where to start? Hire an expert. Pay a coffee per week or figure it out yourself.
