WP CSRF MAY 2024
WP Cross-Site Request Forgery
Managed Woo/WP Security Report
Be informed about the latest WP Cross-Site Request Forgery vulnerabilities, identified and reported publicly. As these WP CSRF MAY 2024 vulnerabilities have a severe negative impact on any WordPress site's security, consider our security audit.
This is a +267% INCREASE compared to the previous month in specifically targeted Cross-Site Request Forgeries. For your online safety, consider a managed WP/Woo Security AUDIT, OR switching to a TOP10LIST alternative WP Security Plugin, OR hiring us for your recurrent needs of managed WordPress Security and managed WooCommerce Security.
WHO needs managed WP security? EVERYBODY!
Today's reality needs a Web Application Firewall (WAF) plus an Intrusion Prevention System (IPS) to mitigate a "gazillion" different threats in your WordPress. Get your WP Cross-Site Request Forgery Patch Management.
The following cases made headlines PUBLICLY in the WP CSRF MAY 2024 & WP Cross-Site Request Forgery category:
Ads.txt Admin | Cross-Site Request Forgery (CSRF) |
Advanced Search | Shortcode Deletion (BAC) via Cross-Site Request Forgery (CSRF) |
AffiEasy | Cross-Site Request Forgery (CSRF) |
Amelia | Cross-Site Request Forgery (CSRF) |
AppPresser | Cross-Site Request Forgery (CSRF) |
AppPresser | Cross-Site Request Forgery (CSRF) |
ARForms Form Builder | Cross-Site Request Forgery (CSRF) |
Asgaros Forum | Cross-Site Request Forgery (CSRF) |
Automatic | Multiple Cross-Site Request Forgery (CSRF) |
AWP Classifieds | Cross-Site Request Forgery (CSRF) |
BEAF | Cross-Site Request Forgery (CSRF) |
BEAR | Cross-Site Request Forgery (CSRF) |
Before And After | Cross-Site Request Forgery (CSRF) |
Benchmark Email Lite | Cross-Site Request Forgery (CSRF) |
Better Chat Support | Cross-Site Request Forgery (CSRF) |
Blocksy Companion | Cross-Site Request Forgery (CSRF) |
Blocksy Theme | Cross-Site Request Forgery (CSRF) |
BMI Adult & Kid Calculator | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Calendarista Basic Edition | Cross-Site Request Forgery (CSRF) |
Church Admin | Cross-Site Request Forgery (CSRF) |
Church Content – Sermons, Events and More | Cross-Site Request Forgery (CSRF) |
Citadela Listing | Cross-Site Request Forgery (CSRF) |
CityLogic Theme | Cross-Site Request Forgery (CSRF) |
Classified Listing | Cross-Site Request Forgery (CSRF) to Account Takeover via rtcl_update_user_account |
ClickCease Click Fraud Protection | Cross-Site Request Forgery (CSRF) |
CM Tooltip Glossary | Cross-Site Request Forgery (CSRF) |
Coming Soon Page, Under Construction & Maintenance Mode by SeedProd | Cross-Site Request Forgery (CSRF) |
Community by PeepSo | Cross-Site Request Forgery (CSRF) |
Contact Form 7 Extension For Mailchimp | Cross-Site Request Forgery (CSRF) |
Contact Form & Lead Form Elementor Builder | Cross-Site Request Forgery (CSRF) |
Convert Post Types | Cross-Site Request Forgery (CSRF) |
CP Media Player | Cross-Site Request Forgery (CSRF) |
Crony Cronjob Manager | Cross-Site Request Forgery (CSRF) |
Currency per Product for WooCommerce | Cross-Site Request Forgery (CSRF) |
Dashboard To Do List | Cross-Site Request Forgery (CSRF) |
Decode Theme | Cross-Site Request Forgery (CSRF) |
Default Mag Theme | Cross-Site Request Forgery (CSRF) |
Delete Custom Fields | Cross-Site Request Forgery (CSRF) to Post Meta Deletion (BAC) |
Digital Publications by Supsystic | Cross-Site Request Forgery (CSRF) |
Download IP2Location Country Blocker | Cross-Site Request Forgery (CSRF) |
e2pdf | Cross-Site Request Forgery (CSRF) |
Easy Digital Downloads | Cross-Site Request Forgery (CSRF) |
Easy Google Maps | Cross-Site Request Forgery (CSRF) |
eCommerce Product Catalog | Cross-Site Request Forgery (CSRF) |
ELEX WooCommerce Dynamic Pricing and Discounts | Cross-Site Request Forgery (CSRF) |
ELEX WooCommerce Dynamic Pricing and Discounts | Cross-Site Request Forgery (CSRF) |
Email Marketing for WooCommerce by Omnisend | Cross-Site Request Forgery (CSRF) |
Emmet Lite Theme | Cross-Site Request Forgery (CSRF) |
ENL Newsletter | Campaign Deletion (BAC) via Cross-Site Request Forgery (CSRF) |
ENL Newsletter | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
EnvíaloSimple | Cross-Site Request Forgery (CSRF) to Arbitrary File Upload (BAC) |
Event Manager for WooCommerce | Cross-Site Request Forgery (CSRF) |
EWWW Image Optimiser | Cross-Site Request Forgery (CSRF) |
Extra Product Options Builder for WooCommerce | Cross-Site Request Forgery (CSRF) |
FameTheme Demo Importer | Cross-Site Request Forgery (CSRF) |
Favicon | Cross-Site Request Forgery (CSRF) |
Feather Login Page | Cross-Site Request Forgery (CSRF) |
Finale Lite | Cross-Site Request Forgery (CSRF) |
Financio Theme | Cross-Site Request Forgery (CSRF) |
Flash Video Player | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Gallery Box | Cross-Site Request Forgery (CSRF) |
Generate Child Theme | Cross-Site Request Forgery (CSRF) |
GEO my WordPress | Cross-Site Request Forgery (CSRF) |
Gift Vouchers | Cross-Site Request Forgery (CSRF) |
Gridsby Theme | Cross-Site Request Forgery (CSRF) |
HappenStance Theme | Cross-Site Request Forgery (CSRF) |
Headline Analyser | Cross-Site Request Forgery (CSRF) |
Hello Elementor Theme | Cross-Site Request Forgery (CSRF) |
Hide Dashboard Notifications | Cross-Site Request Forgery (CSRF) |
i excel Theme | Cross-Site Request Forgery (CSRF) |
i max Theme | Cross-Site Request Forgery (CSRF) |
Import any XML or CSV File to WordPress | Cross-Site Request Forgery (CSRF) |
Inline Related Posts | Cross-Site Request Forgery (CSRF) |
Intrace Theme | Cross-Site Request Forgery (CSRF) |
Kimili Flash Embed | Cross-Site Request Forgery (CSRF) |
Leadinfo | Cross-Site Request Forgery (CSRF) |
LearnPress | Cross-Site Request Forgery (CSRF) to Privilege Escalation (BAC) |
Legal Pages | Cross-Site Request Forgery (CSRF) |
Libsyn Publisher Hub | Cross-Site Request Forgery (CSRF) |
LifterLMS | Cross-Site Request Forgery (CSRF) |
Lightning Theme | Cross-Site Request Forgery (CSRF) |
Link Whisper Free | Cross-Site Request Forgery (CSRF) |
Loan Repayment Calculator and Application Form | Cross-Site Request Forgery (CSRF) |
Login With Ajax | Cross-Site Request Forgery (CSRF) |
Login with phone number | Cross-Site Request Forgery (CSRF) |
MailChimp Forms by MailMunch | Cross-Site Request Forgery (CSRF) |
MainWP Child Reports | Cross-Site Request Forgery (CSRF) |
Marker.io | Cross-Site Request Forgery (CSRF) |
MF Gig Calendar | Cross-Site Request Forgery (CSRF) |
MihanPanel | Cross-Site Request Forgery (CSRF) |
MM email2image | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
MultiParcels Shipping For WooCommerce | Cross-Site Request Forgery (CSRF) |
Multiple Page Generator Plugin – MPG | Cross-Site Request Forgery (CSRF) |
Namaha Theme | Cross-Site Request Forgery (CSRF) |
Newsletter | Cross-Site Request Forgery (CSRF) |
News Wall | Cross-Site Request Forgery (CSRF) to Plugin Settings Update (BAC) |
NewsXpress Theme | Cross-Site Request Forgery (CSRF) |
NextMove Lite | Cross-Site Request Forgery (CSRF) |
No Bot Registration | Cross-Site Request Forgery (CSRF) |
Novelist | Cross-Site Request Forgery (CSRF) |
NPS computy | Results Deletion (BAC) via Cross-Site Request Forgery (CSRF) |
Nudgify Social Proof, Sales Popup & FOMO | Cross-Site Request Forgery (CSRF) |
OptinMonster | Cross-Site Request Forgery (CSRF) Notice Dismissal |
Order Delivery Date for WooCommerce | Cross-Site Request Forgery (CSRF) |
Page Builder: Live Composer | Cross-Site Request Forgery (CSRF) |
Paid Memberships Pro | Cross-Site Request Forgery (CSRF) |
Paid Memberships Pro | Cross-Site Request Forgery (CSRF) |
Paid Memberships Pro | Cross-Site Request Forgery (CSRF) |
Paid Memberships Pro | Cross-Site Request Forgery (CSRF) |
Paid Memberships Pro | Cross-Site Request Forgery (CSRF) |
Paid Member Subscriptions | Cross-Site Request Forgery (CSRF) |
Panoramic Theme | Cross-Site Request Forgery (CSRF) |
PeproDev CF7 Database | Cross-Site Request Forgery (CSRF) |
Photology Theme | Cross-Site Request Forgery (CSRF) |
Piotnet Addons For Elementor Pro | Cross-Site Request Forgery (CSRF) |
Pocket News Generator | Cross-Site Request Forgery (CSRF) to Settings Update (BAC) |
PopularFX Theme | Cross-Site Request Forgery (CSRF) |
Post Views Counter | Cross-Site Request Forgery (CSRF) |
Product Input Fields for WooCommerce | Cross-Site Request Forgery (CSRF) |
ProfileGrid | Cross-Site Request Forgery (CSRF) |
Radio Station | Cross-Site Request Forgery (CSRF) |
ReDi Restaurant Reservation | Cross-Site Request Forgery (CSRF) |
ReDi Restaurant Reservation | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Regenerate post permalink | Cross-Site Request Forgery (CSRF) |
Related Posts for WordPress | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
RestroPress | Cross-Site Request Forgery (CSRF) |
Royal Elementor Kit Theme | Cross-Site Request Forgery (CSRF) |
Salon booking system | Settings Update (BAC) via Cross-Site Request Forgery (CSRF) |
Sangar Slider | Cross-Site Request Forgery (CSRF) |
Sarada Lite Theme | Cross-Site Request Forgery (CSRF) |
SecuPress Free | Cross-Site Request Forgery (CSRF) to Banned IP Address |
Seers | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Sensible WP Theme | Cross-Site Request Forgery (CSRF) |
SEO Booster | Cross-Site Request Forgery (CSRF) |
Serious Slider | Cross-Site Request Forgery (CSRF) |
Sheets To WP Table Live Sync | Cross-Site Request Forgery (CSRF) |
Shopstar! Theme | Cross-Site Request Forgery (CSRF) |
Sign up Sheets | Cross-Site Request Forgery (CSRF) |
Simple Buttons Creator | Arbitrary Button Deletion (BAC) via Cross-Site Request Forgery (CSRF) |
Simple Post Notes | Cross-Site Request Forgery (CSRF) |
Siteimprove | Cross-Site Request Forgery (CSRF) |
Slash Admin | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Slideshow Gallery | Cross-Site Request Forgery (CSRF) |
Sliding Door Theme | Cross-Site Request Forgery (CSRF) |
Smart Forms | Edit Entries via Cross-Site Request Forgery (CSRF) |
Smart Maintenance Mode | Cross-Site Request Forgery (CSRF) |
Smart Online Order for Clover | Cross-Site Request Forgery (CSRF) Leading to Coupon Creation/Modification (BAC) |
Smash Balloon Social Post Feed | Cross-Site Request Forgery (CSRF) |
Soledad Theme | Cross-Site Request Forgery (CSRF) |
Spa and Salon Theme | Cross-Site Request Forgery (CSRF) |
Spotlight Social Media Feeds | Cross-Site Request Forgery (CSRF) |
Sumo | Cross-Site Request Forgery (CSRF) |
Sync Post With Other Site | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Table & Contact Form 7 Database – Tablesome | Cross-Site Request Forgery (CSRF) |
Teluro | Cross-Site Request Forgery (CSRF) |
TempTool [Show Current Template Info] | Cross-Site Request Forgery (CSRF) |
The Conference Theme | Cross-Site Request Forgery (CSRF) |
The Events Calendar | Cross-Site Request Forgery (CSRF) |
Themify – WooCommerce Product Filter | Filter Deletion (BAC) via Cross-Site Request Forgery (CSRF) |
The Pack Elementor addons | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
TOP Table Of Contents | Cross-Site Request Forgery (CSRF) |
Transcoder | Cross-Site Request Forgery (CSRF) |
Travey Theme | Cross-Site Request Forgery (CSRF) |
Ultimate Maps by Supsystic | Cross-Site Request Forgery (CSRF) |
Ultimate Product Catalogue | Cross-Site Request Forgery (CSRF) |
Unlimited Elementor Inner Sections By BoomDevs | Cross-Site Request Forgery (CSRF) |
UsersWP | Cross-Site Request Forgery (CSRF) |
USPS Shipping for WooCommerce – Live Rates | Cross-Site Request Forgery (CSRF) |
Wallet System for WooCommerce | Cross-Site Request Forgery (CSRF) |
WebinarIgnition | Cross-Site Request Forgery (CSRF) |
Welcart e Commerce | Cross-Site Request Forgery (CSRF) |
WOLF | Cross-Site Request Forgery (CSRF) |
WooCommerce | Cross-Site Request Forgery (CSRF) |
WooCommerce Cart Abandonment Recovery | Templates/Abandoned Orders Deletion (BAC) via Cross-Site Request Forgery (CSRF) |
WooCommerce Checkout Field Editor (Checkout Manager) | Cross-Site Request Forgery (CSRF) |
WooCommerce UPS Shipping – Live Rates and Access Points | Cross-Site Request Forgery (CSRF) |
WordPress Comments Import & Export | Cross-Site Request Forgery (CSRF) |
WordPress Hosting Benchmark tool | Cross-Site Request Forgery (CSRF) |
WordPress Tooltips | Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) |
WP ADA Compliance Check Basic | Cross-Site Request Forgery (CSRF) |
WPCal.io – Easy Meeting Scheduler | Cross-Site Request Forgery (CSRF) |
WP Client Reports | Cross-Site Request Forgery (CSRF) |
WP Compress – Image Optimiser [All In One] | Cross-Site Request Forgery (CSRF) |
WP EasyCart | Cross-Site Request Forgery (CSRF) |
WP Eggdrop | Cross-Site Request Forgery (CSRF) to Settings Update (BAC) |
WP Event Aggregator | Cross-Site Request Forgery (CSRF) |
WP GDPR Compliance | Cross-Site Request Forgery (CSRF) |
WP Mail Catcher | Cross-Site Request Forgery (CSRF) |
WP Matterport Shortcode | Cross-Site Request Forgery (CSRF) |
WP Migration Plugin DB & Files – WP Synchro | Cross-Site Request Forgery (CSRF) |
WP Server Health Stats | Cross-Site Request Forgery (CSRF) |
WpTravelly | Cross-Site Request Forgery (CSRF) |
XPlainer WooCommerce Product FAQ | Cross-Site Request Forgery (CSRF) |
X T9 Theme | Cross-Site Request Forgery (CSRF) |
YITH WooCommerce Compare | Cross-Site Request Forgery (CSRF) |
Zeever Theme | Cross-Site Request Forgery (CSRF) |
Zoho Campaigns | Cross-Site Request Forgery (CSRF) |
Zoho Campaigns | Cross-Site Request Forgery (CSRF) |
WordPress CSRF & Cross-Site Request Forgery reported in 2023: | 949 |
WordPress CSRF & Cross-Site Request Forgery reported in 2024: | 355 |
WHO needs managed WP Maintenance? EVERYBODY!
Today’s reality requires daily clean-ups with database optimisations, weekly updates and upgrades for both free & premium modules, plus the occasional emergency changes when critical vulnerabilities are publicly disclosed without patches. Order WP Cross-Site Request Forgery Patch Management.
Security is not a single-task job
Need managed WP Security and have no clue where to start? Hire an expert. Pay a coffee per week; it's cheaper than 1 hour for a freelancer.
Not sure that our recurrent security offer is worthy of long-term consideration? Contact us today for a Cross-Site Request Forgery audit! Decide after you compare RISK + IMPACT versus COST.
We’re passionate about helping you grow and make your impact