WP CSRF DEC 2024
WP Cross-Site Request Forgery
Managed Woo/WP Security Report
Stay informed about the latest WP Cross-Site Request Forgery vulnerabilities that were identified and reported publicly. As these WP CSRF DEC 2024 vulnerabilities have a severe negative impact on WordPress security, consider our security audit.
This is a +239% INCREASE compared to the previous month in specifically targeted Cross-Site Request Forgeries. For your online safety, consider a managed WP/Woo Security AUDIT, OR switching to a TOP10LIST alternative WP Security Plugin, OR hiring us for your recurrent needs of managed WordPress Security and managed WooCommerce Security.
WHO needs managed WP security? EVERYBODY!
Today's reality needs a Web Application Firewall (WAF) plus an Intrusion Prevention System (IPS) to mitigate a "gazillion" different threats to your WordPress site. Get your WP Cross-Site Request Forgery Patch Management.
The following cases made headlines PUBLICLY in the WP CSRF DEC 2024 & WP Cross-Site Request Forgery category:
Addressbook | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Admin SMS Alert | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Advanced PDF Generator | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Advanced What should we write next about | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Ahmeti Wp Güzel Sözler | Cross-Site Request Forgery (CSRF) |
Alphabetical List | Settings Update (BAC) from Cross-Site Request Forgery (CSRF) |
Amazon Associate Filter | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
APK Downloader | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Appointmind | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
April's Call Posts | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
ArCa Payment Gateway | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Blizzard Quotes | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Build App Online | Cross-Site Request Forgery (CSRF) |
Buying Buddy IDX CRM | Cross-Site Request Forgery (CSRF) to PHP Object Injection (BAC) |
CM Table Of Contents – WordPress TOC Plugin | Settings Reset (BAC) from Cross-Site Request Forgery (CSRF) |
CM Table Of Contents – WordPress TOC Plugin | Cross-Site Scripting (XSS) from Cross-Site Request Forgery (CSRF) |
Contact Form by WPForms | Cross-Site Request Forgery (CSRF) to Plugin's Log Deletion (BAC) |
Contact Forms by Cimatti | Cross-Site Request Forgery (CSRF) from process_bulk_action Function |
Continue Shopping From Cart | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
CultBooking Hotel Booking Engine | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Custom Author URL | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Custom Post Type to Map Store | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Custom Shortcode Sidebars | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
DancePress (TRWA) | Cross-Site Request Forgery (CSRF) |
Disable Admin Notices individually | Cross-Site Request Forgery (CSRF) |
Document & Data Automation | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Donate Me | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Dynamic Widgets | Cross-Site Request Forgery (CSRF) |
e-shops | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
eDoc Easy Tables | Cross-Site Request Forgery (CSRF) to SQL Injection (SQLi) |
EleForms | Cross-Site Request Forgery (CSRF) |
Essential Breadcrumbs | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Exclusive Content Password Protect | Cross-Site Request Forgery (CSRF) to Arbitrary File Upload (BAC) |
FastBook – Responsive Appointment Booking and Scheduling System | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Favicon My Blog | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Featured Posts Scroll | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Fence URL | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Flash Show And Hide Box | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Footer Flyout Widget | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
FraudLabs Pro SMS Verification | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Friendly Functions for Welcart | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
GMO Social Connection | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Google Plus Share and +1 Button | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Hacklog DownloadManager | Cross-Site Request Forgery (CSRF) to Arbitrary File Upload (BAC) |
Hebrew Date | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Hotlink2Watermark | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
IceStats | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Idealien Category Enhancements | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
iPhone Webclip Manager | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
ITERAS | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Jobify - Job Board WordPress Theme | Cross-Site Request Forgery (CSRF) |
Kevin's | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Kognetiks Chatbot for WordPress | Cross-Site Request Forgery (CSRF) to Assistant Modification (BAC) |
LinkLaunder SEO | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Load More Posts | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Manage User Columns | Cross-Site Request Forgery (CSRF) |
MDR Webmaster Tools | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Mins To Read | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Mobilize | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Multi Feed Reader | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Naver Blog | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Out Of Stock Badge | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
PayPal Responder | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Photo Video Store | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Platform.ly Official | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Post From Frontend | Post Deletion (BAC) from Cross-Site Request Forgery (CSRF) |
Post Hits Counter | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Post Ideas | Cross-Site Request Forgery (CSRF) to SQL Injection (SQLi) |
Protect Your Content | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Random Featured Post | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
RealtyCandy IDX Broker Extended | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Responsive Flickr Gallery | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
RingCentral Communications | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Seo Free | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
SH Slideshow | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Silverlight Video Player | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Simple Header and Footer | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Simple Page Specific Sidebars | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Simple Travel Map | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
SK WP Settings Backup | Cross-Site Request Forgery (CSRF) to PHP Object Injection (BAC) |
Skip To | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Skt NURCaptcha | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Sky Addons for Elementor | Cross-Site Request Forgery (CSRF) to Arbitrary Options Update (BAC) |
SmartLink Dynamic URLs | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
SpatialMatch IDX | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Sticky Social Bar | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
ThemeFuse Maintenance Mode | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Third Party Cookie Eraser | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Twitter @Anywhere Plus | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
UPDATE NOTIFICATIONS | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
W3P SEO | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
W3SPEEDSTER | Cross-Site Request Forgery (CSRF) |
Webriti Custom Login | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
While Loading | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
WIP Incoming Lite | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
WooCommerce Report | Cross-Site Request Forgery (CSRF) to Arbitrary Options Update (BAC) |
wp auto top | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
WP Course Manager | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
WP Popup Window Maker | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
WP Revisions Manager | Cross-Site Request Forgery (CSRF) |
WP-ISPConfig 3 | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
WP-Orphanage Extended | Cross-Site Request Forgery (CSRF) to Orphan Account Privilege Escalation (BAC) |
Yahoo! WebPlayer | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
yPHPlista | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Zajax – Ajax Navigation | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
WordPress CSRF & Cross-Site Request Forgery reported in 2023: | 949 |
WordPress CSRF & Cross-Site Request Forgery reported in 2024: | 766 |
WHO needs managed WP Maintenance? EVERYBODY!
Today’s reality requires daily clean-ups with database optimisations, weekly updates and upgrades for both free & premium modules, plus the occasional emergency changes when critical vulnerabilities are publicly disclosed without patches. Order WP Cross-Site Request Forgery Patch Management.
Security is not a single-task job
Need managed WP Security and have no clue where to start? Hire an expert. Pay a coffee per week; it's cheaper than 1 hour of a freelancer.
Not sure that our recurrent security offer is worthy of long-term consideration? Contact us today for a Cross-Site Request Forgery audit! Decide after you compare RISK + IMPACT versus COST.