WP CSRF MAY 2024
WP Cross-Site Request Forgery
Tailored Woo/WP Security Report
Stay informed about the latest WP Cross-Site Request Forgery vulnerabilities, identified and reported publicly. As these WP CSRF MAY 2024 vulnerabilities have a severe negative impact on the security of any WordPress site, consider our security audit.
This is a +267% INCREASE compared to the previous month in specifically targeted Cross-Site Request Forgeries. For your online safety, consider a tailored WP/Woo Security AUDIT - OR - switching to a TOP10LIST alternative WP Security Plugin - OR - hiring professionals for tailored WP Security.
WHO needs tailored WP security? EVERYBODY!
Today's reality needs a Web Application Firewall (WAF) plus an Intrusion Prevention System (IPS) to mitigate a "gazillion" different threats to your WordPress site. Get your WP Cross-Site Request Forgery Patch Management.
The following cases made headlines PUBLICLY in the WP CSRF MAY 2024 & WP Cross-Site Request Forgery category:
Ads.txt Admin | Cross-Site Request Forgery (CSRF) |
Advanced Search | Shortcode Deletion (BAC) via Cross-Site Request Forgery (CSRF) |
AffiEasy | Cross-Site Request Forgery (CSRF) |
Amelia | Cross-Site Request Forgery (CSRF) |
AppPresser | Cross-Site Request Forgery (CSRF) |
AppPresser | Cross-Site Request Forgery (CSRF) |
ARForms Form Builder | Cross-Site Request Forgery (CSRF) |
Asgaros Forum | Cross-Site Request Forgery (CSRF) |
Automatic | Multiple Cross-Site Request Forgery (CSRF) |
AWP Classifieds | Cross-Site Request Forgery (CSRF) |
BEAF | Cross-Site Request Forgery (CSRF) |
BEAR | Cross-Site Request Forgery (CSRF) |
Before And After | Cross-Site Request Forgery (CSRF) |
Benchmark Email Lite | Cross-Site Request Forgery (CSRF) |
Better Chat Support | Cross-Site Request Forgery (CSRF) |
Blocksy Companion | Cross-Site Request Forgery (CSRF) |
Blocksy Theme | Cross-Site Request Forgery (CSRF) |
BMI Adult & Kid Calculator | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Calendarista Basic Edition | Cross-Site Request Forgery (CSRF) |
Church Admin | Cross-Site Request Forgery (CSRF) |
Church Content – Sermons, Events and More | Cross-Site Request Forgery (CSRF) |
Citadela Listing | Cross-Site Request Forgery (CSRF) |
CityLogic Theme | Cross-Site Request Forgery (CSRF) |
Classified Listing | Cross-Site Request Forgery (CSRF) to Account Takeover via rtcl_update_user_account |
ClickCease Click Fraud Protection | Cross-Site Request Forgery (CSRF) |
CM Tooltip Glossary | Cross-Site Request Forgery (CSRF) |
Coming Soon Page, Under Construction & Maintenance Mode by SeedProd | Cross-Site Request Forgery (CSRF) |
Community by PeepSo | Cross-Site Request Forgery (CSRF) |
Contact Form 7 Extension For Mailchimp | Cross-Site Request Forgery (CSRF) |
Contact Form & Lead Form Elementor Builder | Cross-Site Request Forgery (CSRF) |
Convert Post Types | Cross-Site Request Forgery (CSRF) |
CP Media Player | Cross-Site Request Forgery (CSRF) |
Crony Cronjob Manager | Cross-Site Request Forgery (CSRF) |
Currency per Product for WooCommerce | Cross-Site Request Forgery (CSRF) |
Dashboard To Do List | Cross-Site Request Forgery (CSRF) |
Decode Theme | Cross-Site Request Forgery (CSRF) |
Default Mag Theme | Cross-Site Request Forgery (CSRF) |
Delete Custom Fields | Cross-Site Request Forgery (CSRF) to Post Meta Deletion (BAC) |
Digital Publications by Supsystic | Cross-Site Request Forgery (CSRF) |
Download IP2Location Country Blocker | Cross-Site Request Forgery (CSRF) |
e2pdf | Cross-Site Request Forgery (CSRF) |
Easy Digital Downloads | Cross-Site Request Forgery (CSRF) |
Easy Google Maps | Cross-Site Request Forgery (CSRF) |
eCommerce Product Catalog | Cross-Site Request Forgery (CSRF) |
ELEX WooCommerce Dynamic Pricing and Discounts | Cross-Site Request Forgery (CSRF) |
ELEX WooCommerce Dynamic Pricing and Discounts | Cross-Site Request Forgery (CSRF) |
Email Marketing for WooCommerce by Omnisend | Cross-Site Request Forgery (CSRF) |
Emmet Lite Theme | Cross-Site Request Forgery (CSRF) |
ENL Newsletter | Campaign Deletion (BAC) via Cross-Site Request Forgery (CSRF) |
ENL Newsletter | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
EnvíaloSimple | Cross-Site Request Forgery (CSRF) to Arbitrary File Upload (BAC) |
Event Manager for WooCommerce | Cross-Site Request Forgery (CSRF) |
EWWW Image Optimizer | Cross-Site Request Forgery (CSRF) |
Extra Product Options Builder for WooCommerce | Cross-Site Request Forgery (CSRF) |
FameTheme Demo Importer | Cross-Site Request Forgery (CSRF) |
Favicon | Cross-Site Request Forgery (CSRF) |
Feather Login Page | Cross-Site Request Forgery (CSRF) |
Finale Lite | Cross-Site Request Forgery (CSRF) |
Financio Theme | Cross-Site Request Forgery (CSRF) |
Flash Video Player | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Gallery Box | Cross-Site Request Forgery (CSRF) |
Generate Child Theme | Cross-Site Request Forgery (CSRF) |
GEO my WordPress | Cross-Site Request Forgery (CSRF) |
Gift Vouchers | Cross-Site Request Forgery (CSRF) |
Gridsby Theme | Cross-Site Request Forgery (CSRF) |
HappenStance Theme | Cross-Site Request Forgery (CSRF) |
Headline Analyzer | Cross-Site Request Forgery (CSRF) |
Hello Elementor Theme | Cross-Site Request Forgery (CSRF) |
Hide Dashboard Notifications | Cross-Site Request Forgery (CSRF) |
i excel Theme | Cross-Site Request Forgery (CSRF) |
i max Theme | Cross-Site Request Forgery (CSRF) |
Import any XML or CSV File to WordPress | Cross-Site Request Forgery (CSRF) |
Inline Related Posts | Cross-Site Request Forgery (CSRF) |
Intrace Theme | Cross-Site Request Forgery (CSRF) |
Kimili Flash Embed | Cross-Site Request Forgery (CSRF) |
Leadinfo | Cross-Site Request Forgery (CSRF) |
LearnPress | Cross-Site Request Forgery (CSRF) to Privilege Escalation (BAC) |
Legal Pages | Cross-Site Request Forgery (CSRF) |
Libsyn Publisher Hub | Cross-Site Request Forgery (CSRF) |
LifterLMS | Cross-Site Request Forgery (CSRF) |
Lightning Theme | Cross-Site Request Forgery (CSRF) |
Link Whisper Free | Cross-Site Request Forgery (CSRF) |
Loan Repayment Calculator and Application Form | Cross-Site Request Forgery (CSRF) |
Login With Ajax | Cross-Site Request Forgery (CSRF) |
Login with phone number | Cross-Site Request Forgery (CSRF) |
MailChimp Forms by MailMunch | Cross-Site Request Forgery (CSRF) |
MainWP Child Reports | Cross-Site Request Forgery (CSRF) |
Marker.io | Cross-Site Request Forgery (CSRF) |
MF Gig Calendar | Cross-Site Request Forgery (CSRF) |
MihanPanel | Cross-Site Request Forgery (CSRF) |
MM email2image | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
MultiParcels Shipping For WooCommerce | Cross-Site Request Forgery (CSRF) |
Multiple Page Generator Plugin – MPG | Cross-Site Request Forgery (CSRF) |
Namaha Theme | Cross-Site Request Forgery (CSRF) |
Newsletter | Cross-Site Request Forgery (CSRF) |
News Wall | Cross-Site Request Forgery (CSRF) to Plugin Settings Update (BAC) |
NewsXpress Theme | Cross-Site Request Forgery (CSRF) |
NextMove Lite | Cross-Site Request Forgery (CSRF) |
No Bot Registration | Cross-Site Request Forgery (CSRF) |
Novelist | Cross-Site Request Forgery (CSRF) |
NPS computy | Results Deletion (BAC) via Cross-Site Request Forgery (CSRF) |
Nudgify Social Proof, Sales Popup & FOMO | Cross-Site Request Forgery (CSRF) |
OptinMonster | Cross-Site Request Forgery (CSRF) Notice Dismissal |
Order Delivery Date for WooCommerce | Cross-Site Request Forgery (CSRF) |
Page Builder: Live Composer | Cross-Site Request Forgery (CSRF) |
Paid Memberships Pro | Cross-Site Request Forgery (CSRF) |
Paid Memberships Pro | Cross-Site Request Forgery (CSRF) |
Paid Memberships Pro | Cross-Site Request Forgery (CSRF) |
Paid Memberships Pro | Cross-Site Request Forgery (CSRF) |
Paid Memberships Pro | Cross-Site Request Forgery (CSRF) |
Paid Member Subscriptions | Cross-Site Request Forgery (CSRF) |
Panoramic Theme | Cross-Site Request Forgery (CSRF) |
PeproDev CF7 Database | Cross-Site Request Forgery (CSRF) |
Photology Theme | Cross-Site Request Forgery (CSRF) |
Piotnet Addons For Elementor Pro | Cross-Site Request Forgery (CSRF) |
Pocket News Generator | Cross-Site Request Forgery (CSRF) to Settings Update (BAC) |
PopularFX Theme | Cross-Site Request Forgery (CSRF) |
Post Views Counter | Cross-Site Request Forgery (CSRF) |
Product Input Fields for WooCommerce | Cross-Site Request Forgery (CSRF) |
ProfileGrid | Cross-Site Request Forgery (CSRF) |
Radio Station | Cross-Site Request Forgery (CSRF) |
ReDi Restaurant Reservation | Cross-Site Request Forgery (CSRF) |
ReDi Restaurant Reservation | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Regenerate post permalink | Cross-Site Request Forgery (CSRF) |
Related Posts for WordPress | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
RestroPress | Cross-Site Request Forgery (CSRF) |
Royal Elementor Kit Theme | Cross-Site Request Forgery (CSRF) |
Salon booking system | Settings Update (BAC) via Cross-Site Request Forgery (CSRF) |
Sangar Slider | Cross-Site Request Forgery (CSRF) |
Sarada Lite Theme | Cross-Site Request Forgery (CSRF) |
SecuPress Free | Cross-Site Request Forgery (CSRF) to Banned IP Address |
Seers | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Sensible WP Theme | Cross-Site Request Forgery (CSRF) |
SEO Booster | Cross-Site Request Forgery (CSRF) |
Serious Slider | Cross-Site Request Forgery (CSRF) |
Sheets To WP Table Live Sync | Cross-Site Request Forgery (CSRF) |
Shopstar! Theme | Cross-Site Request Forgery (CSRF) |
Sign up Sheets | Cross-Site Request Forgery (CSRF) |
Simple Buttons Creator | Arbitrary Button Deletion (BAC) via Cross-Site Request Forgery (CSRF) |
Simple Post Notes | Cross-Site Request Forgery (CSRF) |
Siteimprove | Cross-Site Request Forgery (CSRF) |
Slash Admin | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Slideshow Gallery | Cross-Site Request Forgery (CSRF) |
Sliding Door Theme | Cross-Site Request Forgery (CSRF) |
Smart Forms | Edit Entries via Cross-Site Request Forgery (CSRF) |
Smart Maintenance Mode | Cross-Site Request Forgery (CSRF) |
Smart Online Order for Clover | Cross-Site Request Forgery (CSRF) Leading to Coupon Creation/Modification (BAC) |
Smash Balloon Social Post Feed | Cross-Site Request Forgery (CSRF) |
Soledad Theme | Cross-Site Request Forgery (CSRF) |
Spa and Salon Theme | Cross-Site Request Forgery (CSRF) |
Spotlight Social Media Feeds | Cross-Site Request Forgery (CSRF) |
Sumo | Cross-Site Request Forgery (CSRF) |
Sync Post With Other Site | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Table & Contact Form 7 Database – Tablesome | Cross-Site Request Forgery (CSRF) |
Teluro | Cross-Site Request Forgery (CSRF) |
TempTool [Show Current Template Info] | Cross-Site Request Forgery (CSRF) |
The Conference Theme | Cross-Site Request Forgery (CSRF) |
The Events Calendar | Cross-Site Request Forgery (CSRF) |
Themify – WooCommerce Product Filter | Filter Deletion (BAC) via Cross-Site Request Forgery (CSRF) |
The Pack Elementor addons | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
TOP Table Of Contents | Cross-Site Request Forgery (CSRF) |
Transcoder | Cross-Site Request Forgery (CSRF) |
Travey Theme | Cross-Site Request Forgery (CSRF) |
Ultimate Maps by Supsystic | Cross-Site Request Forgery (CSRF) |
Ultimate Product Catalogue | Cross-Site Request Forgery (CSRF) |
Unlimited Elementor Inner Sections By BoomDevs | Cross-Site Request Forgery (CSRF) |
UsersWP | Cross-Site Request Forgery (CSRF) |
USPS Shipping for WooCommerce – Live Rates | Cross-Site Request Forgery (CSRF) |
Wallet System for WooCommerce | Cross-Site Request Forgery (CSRF) |
WebinarIgnition | Cross-Site Request Forgery (CSRF) |
Welcart e Commerce | Cross-Site Request Forgery (CSRF) |
WOLF | Cross-Site Request Forgery (CSRF) |
WooCommerce | Cross-Site Request Forgery (CSRF) |
WooCommerce Cart Abandonment Recovery | Templates/Abandoned Orders Deletion (BAC) via Cross-Site Request Forgery (CSRF) |
WooCommerce Checkout Field Editor (Checkout Manager) | Cross-Site Request Forgery (CSRF) |
WooCommerce UPS Shipping – Live Rates and Access Points | Cross-Site Request Forgery (CSRF) |
WordPress Comments Import & Export | Cross-Site Request Forgery (CSRF) |
WordPress Hosting Benchmark tool | Cross-Site Request Forgery (CSRF) |
WordPress Tooltips | Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) |
WP ADA Compliance Check Basic | Cross-Site Request Forgery (CSRF) |
WPCal.io – Easy Meeting Scheduler | Cross-Site Request Forgery (CSRF) |
WP Client Reports | Cross-Site Request Forgery (CSRF) |
WP Compress – Image Optimizer [All In One] | Cross-Site Request Forgery (CSRF) |
WP EasyCart | Cross-Site Request Forgery (CSRF) |
WP Eggdrop | Cross-Site Request Forgery (CSRF) to Settings Update (BAC) |
WP Event Aggregator | Cross-Site Request Forgery (CSRF) |
WP GDPR Compliance | Cross-Site Request Forgery (CSRF) |
WP Mail Catcher | Cross-Site Request Forgery (CSRF) |
WP Matterport Shortcode | Cross-Site Request Forgery (CSRF) |
WP Migration Plugin DB & Files – WP Synchro | Cross-Site Request Forgery (CSRF) |
WP Server Health Stats | Cross-Site Request Forgery (CSRF) |
WpTravelly | Cross-Site Request Forgery (CSRF) |
XPlainer WooCommerce Product FAQ | Cross-Site Request Forgery (CSRF) |
X T9 Theme | Cross-Site Request Forgery (CSRF) |
YITH WooCommerce Compare | Cross-Site Request Forgery (CSRF) |
Zeever Theme | Cross-Site Request Forgery (CSRF) |
Zoho Campaigns | Cross-Site Request Forgery (CSRF) |
Zoho Campaigns | Cross-Site Request Forgery (CSRF) |
WordPress CSRF & Cross-Site Request Forgery reported in 2023: | 949 |
WordPress CSRF & Cross-Site Request Forgery reported in 2024: | 355 |
WHO needs tailored WP Maintenance? EVERYBODY!
Today’s reality requires daily clean-ups with database optimisations, weekly updates and upgrades for both free & premium modules, plus occasional emergency changes when critical vulnerabilities are publicly disclosed without patches. Order WP Cross-Site Request Forgery Patch Management.
Security is not a single-task job
Need tailored WP Security and have no clue where to start? Hire an expert. Pay the price of a coffee per week or figure it out yourself.