WP CSRF MAY 2025
WP Cross-Site Request Forgery
Managed Woo/WP Security Report
Be informed about the latest WP Cross-Site Request Forgery, identified and reported publicly. As these WP CSRF MAY 2025 vulnerabilities have a severe negative impact on any WordPress Security, consider our security audit.
It is a +50% INCREASE, compared to previous month, as specifically targeted Cross-Site Request Forgeries. Consider for your online safety, a managed WP/Woo Security AUDIT, - OR - switching with a TOP10LIST alternative WP Security Plugin – OR – Hire us for your recurrent needs of managed WordPress Security and managed WooCommerce Security.
WHO needs managed WP security? EVERYBODY!
Today's reality needs a Web Application Firewall (WAF) plus an Intrusion Prevention System (IPS) to mitigate "gazillion" different threats in your WordPress. Get your WP Cross-Site Request Forgery Patch Management.
The following cases made headlines PUBLICLY in the WP CSRF MAY 2025 & WP Cross-Site Request Forgery category:
| 1 Decembrie 1918 | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| 404 Image Redirection (Replace Broken Images) | Cross-Site Request Forgery (CSRF) |
| AB Google Map Travel | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Add Google +1 (Plus one) social share Button | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Add to Header | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Administrator Z | Cross-Site Request Forgery (CSRF) |
| Advanced All in One Admin Search by WP Spotlight | Cross-Site Request Forgery (CSRF) |
| Advanced Dynamic Pricing for WooCommerce | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| Advanced lazy load | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Advanced Search by My Solr Server | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Advanced Speed Increaser | Cross-Site Request Forgery (CSRF) |
| Advanced Tag Lists | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| AF Tell a Friend | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| affiliate-toolkit | Cross-Site Request Forgery (CSRF) |
| AI Content Creator | Cross-Site Request Forgery (CSRF) |
| Ajax Comment Form CST | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| ALD Login Page | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| All in One Time Clock Lite | Cross-Site Request Forgery (CSRF) |
| All push notification for WP | Cross-Site Request Forgery (CSRF) and SQL Injection (SQLi) |
| Amazon Showcase WordPress Plugin | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Anant Addons for Elementor | Cross-Site Request Forgery (CSRF) and Arbitrary Plugin Installation (BAC) |
| Anthologize | Cross-Site Request Forgery (CSRF) |
| Apimo Connector | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| Append Content | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| Appointment Booking Calendar | Cross-Site Request Forgery (CSRF) and SQL Injection (SQLi) |
| Appointy Appointment Scheduler | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| Arkhe Theme | Cross-Site Request Forgery (CSRF) and Local File Inclusion (LFi) |
| Author Box Plugin With Different Description | Cross-Site Request Forgery (CSRF) |
| Availability Calendar | Cross-Site Request Forgery (CSRF) |
| Basic Interactive World Map | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| bbPress2 shortcode whitelist | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Best Posts Summary | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Bknewsticker | Cross-Site Request Forgery (CSRF) |
| Breaking News WP | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| Brizy Pro | Cross-Site Request Forgery (CSRF) |
| Broadstreet | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| Broken Links Remover | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Buddypress Humanity | Cross-Site Request Forgery (CSRF) and Privilege Escalation (BAC) |
| Bulk Theme Product Sync | Cross-Site Request Forgery (CSRF) |
| Bulk Theme Term Editor | Cross-Site Request Forgery (CSRF) |
| Cache control by Cacholong | Cross-Site Request Forgery (CSRF) |
| Call Now PHT Blog | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| CG Scroll To Top | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Chat2 | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| CheckBot | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| ChillPay WooCommerce | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Clearbit Reveal | Cross-Site Request Forgery (CSRF) |
| Clearfy Cache | Cross-Site Request Forgery (CSRF) and Plugin Settings Update from 'setup-wbcr_clearfy' |
| CLP – Custom Login Page by NiteoThemes | Cross-Site Request Forgery (CSRF) |
| CM Ad Changer | Cross-Site Request Forgery (CSRF) |
| CM Answers | Cross-Site Request Forgery (CSRF) |
| Codescar Radio Widget | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Comment Validation Reloaded | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Conditional Payments for WooCommerce | Cross-Site Request Forgery (CSRF) |
| Conditional Shipping for WooCommerce | Cross-Site Request Forgery (CSRF) |
| Contact Form 7 Calendar | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Contact Form by Supsystic | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) from saveAsCopy AJAX Action |
| Custom CSS, JS & PHP | Cross-Site Request Forgery (CSRF) and Remote Code Execution (RCE) |
| Custom Functions Plugin | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Custom Posts Order | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Custom Smilies | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Customize Login Page | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| Czater.pl – live chat i telefon | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Dashboard Notepads | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| DeBounce Email Validator | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| DesignO | Cross-Site Request Forgery (CSRF) |
| DirectoryPress | Cross-Site Request Forgery (CSRF) |
| DN Footer Contacts | Cross-Site Request Forgery (CSRF) |
| Doppler Forms | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Drop Caps | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Easy Child Theme Creator | Cross-Site Request Forgery (CSRF) |
| Easy Custom CSS | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Easy!Appointments | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| Easyfonts | Cross-Site Request Forgery (CSRF) |
| Ebook Downloader | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| ElementsReady Addons for Elementor | Cross-Site Request Forgery (CSRF) |
| Elfsight Testimonials Slider | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| Embed Extended | Cross-Site Request Forgery (CSRF) |
| ePaper Lister for Yumpu | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Epeken All Kurir | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Essential Breadcrumbs | Cross-Site Request Forgery (CSRF) and Privilege Escalation (BAC) |
| Ever Accounting | Cross-Site Request Forgery (CSRF) |
| Feedbucket – Website Feedback Tool | Cross-Site Request Forgery (CSRF) |
| Flags Widget | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Foliopress WYSIWYG | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| FraudLabs Pro for WooCommerce | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Freetobook Responsive Widget | Cross-Site Request Forgery (CSRF) |
| FrescoChat Live Chat | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Google News | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Google SEO Pressor Snippet | Cross-Site Request Forgery (CSRF) |
| Grand Restaurant WordPress Theme | Cross-Site Request Forgery (CSRF) |
| Hacklog Remote Attachment | Cross-Site Request Forgery (CSRF) |
| illow – Cookies Consent | Cross-Site Request Forgery (CSRF) |
| InPost Gallery | Cross-Site Request Forgery (CSRF) |
| Insert Headers And Footers | Cross-Site Request Forgery (CSRF) and Arbitrary Options Update (BAC) |
| Integration for WooCommerce and QuickBooks | Cross-Site Request Forgery (CSRF) |
| Interactive US Map | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Internal Link Optimiser | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| IP2Location Variables | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| IP2Location World Clock | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| JobWP | Cross-Site Request Forgery (CSRF) |
| JSON Structuring Markup | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| KeyCAPTCHA | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| KiotViet Sync | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Labinator Content Types Duplicator | Cross-Site Request Forgery (CSRF) |
| Language Field | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Leadfox for WordPress | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Libro de Reclamaciones y Quejas | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Link Shield | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Listings for Buildium | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Loan Calculator | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| LSD Custom taxonomy and category meta | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| LuckyWP Table of Contents | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Mergado Pack | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Milat jQuery Automatic Popup | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| mLanguage | Cross-Site Request Forgery (CSRF) |
| MMX – Make Me Christmas | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Modern Polls | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| More Mime Type Filters | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Multi Days Events and Multi Events in One Day Calendar | Cross-Site Request Forgery (CSRF) |
| MultiMailer | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Multiple Location Google Map | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| My auctions allegro | Cross-Site Request Forgery (CSRF) |
| My Marginalia | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Navegg Analytics | Cross-Site Request Forgery (CSRF) |
| Nepali Date Utilities | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| NewsBoard Post and RSS Scroller | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Nimbata Call Tracking | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Nino Social Connect | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| occupancyplan | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Official CleverReach Plugin for WooCommerce | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| OwnerRez | Cross-Site Request Forgery (CSRF) |
| Pagopar – WooCommerce Gateway | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| PayPal Express Checkout | Cross-Site Request Forgery (CSRF) |
| Pearl | Cross-Site Request Forgery (CSRF) |
| PlainInventory | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Plugin Central | Cross-Site Request Forgery (CSRF) and Arbitrary File Deletion (BAC) |
| Plugin Upgrade Time Out | Cross-Site Scripting (XSS) from Cross-Site Request Forgery (CSRF) |
| Post to Social Media – WordPress to Hootsuite | Cross-Site Request Forgery (CSRF) |
| PostmarkApp Email Integrator | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Print Science Designer | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Product Notices for WooCommerce | Cross-Site Request Forgery (CSRF) |
| QR Code Tag for WC | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| QuadMenu | Cross-Site Request Forgery (CSRF) and Limited User Meta Update |
| Query Wrangler | Cross-Site Request Forgery (CSRF) |
| RDP Wiki Embed | Cross-Site Request Forgery (CSRF) |
| Read More & Accordion | Cross-Site Request Forgery (CSRF) and Local File Inclusion (LFi) |
| reCAPTCHA Jetpack | Cross-Site Request Forgery (CSRF) |
| Recover abandoned cart for WooCommerce | Cross-Site Request Forgery (CSRF) |
| Redirect wordpress to welcome or landing page | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Related Posts from Taxonomies | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Related Posts Widget with Thumbnails | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| RentSyst | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Restrict User Registration | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| REVE Chat | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Review Wave – Google Places Reviews | Cross-Site Request Forgery (CSRF) |
| Revision Diet | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Rich Text Editor | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Right Click Disable OR Ban | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Rio Video Gallery | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Rollbar | Cross-Site Request Forgery (CSRF) |
| RSS Manager | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Scheduled | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Script Compressor | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| SCSS WP Editor | Cross-Site Request Forgery (CSRF) |
| SCSS-Library | Cross-Site Request Forgery (CSRF) |
| Seo Meta Tags | Cross-Site Request Forgery (CSRF) and Privilege Escalation (BAC) |
| SEO, Nutrition and Print for Recipes by Edamam | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Sequential Order Numbers for WooCommerce | Cross-Site Request Forgery (CSRF) |
| Seraphinite Accelerator | Cross-Site Request Forgery (CSRF) and Multiple Administrative Actions |
| ShareThis Dashboard for Google Analytics | Cross-Site Request Forgery (CSRF) |
| Sidebar Manager Light | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Simple calendar for Elementor | Cross-Site Request Forgery (CSRF) |
| Simple Contact Forms | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Simple Fixed Notice | Cross-Site Request Forgery (CSRF) |
| Simple Maps | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Simple Post Meta Manager | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Site Search 360 | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Site Table of Contents | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Smart Product Gallery Slider | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Social Bookmarking RELOADED | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Social Crowd | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Social Media Links | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| spam-stopper | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Spoiler Block | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Style Manager | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| SwiftXR (3D/AR/VR) Viewer | Cross-Site Request Forgery (CSRF) |
| Table Block by RioVizual | Cross-Site Request Forgery (CSRF) |
| Tabs | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| The World | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Theme Changer | Cross-Site Request Forgery (CSRF) |
| Theme Duplicator | Cross-Site Request Forgery (CSRF) |
| Time Based Greeting | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| translit it! | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Twitter Card Generator | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| TZ PlusGallery | Cross-Site Request Forgery (CSRF) |
| Ultra Demo Importer | Cross-Site Request Forgery (CSRF) and Remote Code Execution (RCE) |
| UltraAddons Elementor Lite | Cross-Site Request Forgery (CSRF) |
| Unsafe Mimetypes | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Uptime Robot Plugin for WordPress | Cross-Site Request Forgery (CSRF) |
| Useinfluence | Cross-Site Request Forgery (CSRF) |
| User Registration & Membership Pro | Cross-Site Request Forgery (CSRF) and User Deletion |
| User Registration Using Contact Form 7 | Cross-Site Request Forgery (CSRF) |
| User Session Synchronizer | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Varnish WordPress | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Vasaio QR Code | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Verge3D | Cross-Site Request Forgery (CSRF) |
| VikRestaurants Table Reservations and Take-Away | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Vite Coupon | Cross-Site Request Forgery (CSRF) and Remote Code Execution (RCE) |
| VKontakte Cross-Post | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Web Directory Free | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Windows Live Writer | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Wishlist | Cross-Site Request Forgery (CSRF) |
| Woffice Core | Cross-Site Request Forgery (CSRF) and User Registration Approval |
| Woocommerce Role Pricing | Cross-Site Request Forgery (CSRF) |
| WooCommerce Social Login | Cross-Site Request Forgery (CSRF) |
| WordPress Events Calendar Plugin – connectDaily | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| wordpress related Posts with thumbnails | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WordPress Spam Blocker | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Abstracts | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Calais Auto Tagger | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Church Donation | Cross-Site Request Forgery (CSRF) |
| WP Copy Media URL | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Wp Custom CMS Block | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Filter Post Category | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Map Route Planner | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Performance Pack | Cross-Site Request Forgery (CSRF) |
| WP Profitshare | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Project Manager | Cross-Site Request Forgery (CSRF) |
| WP SexyLightBox | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP shop | Cross-Site Request Forgery (CSRF) and Arbitrary File Upload (BAC) |
| WP Show Stats | Cross-Site Request Forgery (CSRF) |
| WP Social Bookmarking | Cross-Site Request Forgery (CSRF) |
| WP Sticky Side Buttons | Cross-Site Request Forgery (CSRF) |
| wp Time Machine | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Tools | Cross-Site Request Forgery (CSRF) and Arbitrary File Deletion (BAC) |
| WP Twitter Button | Cross-Site Request Forgery (CSRF) |
| WP w3all phpBB | Cross-Site Request Forgery (CSRF) |
| WP w3all phpBB | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| wp-cyr-cho | Cross-Site Request Forgery (CSRF) |
| WP-Easy Menu | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP-Planification | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WPFront User Role Editor | Cross-Site Request Forgery (CSRF) and Privilege Escalation (BAC) from whitelist_options Function |
| WPJobBoard | Cross-Site Request Forgery (CSRF) and Remote Code Execution (RCE) |
| WPJobBoard | Multiple Cross-Site Request Forgery (CSRF) vulnerabilities |
| WPSolr | Cross-Site Request Forgery (CSRF) and Privilege Escalation (BAC) |
| WPVN | Cross-Site Request Forgery (CSRF) |
| WpZon – Amazon Affiliate Plugin | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WS Audio Player | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Zalo Official Live Chat | Cross-Site Request Forgery (CSRF) |
| WordPress CSRF & Cross-Site Request Forgery reported in 2023: | 949 |
| WordPress CSRF & Cross-Site Request Forgery reported in 2024: | 876 |
| WordPress CSRF & Cross-Site Request Forgery reported in 2025: | 870 |
WHO needs managed WP Maintenance? EVERYBODY!
Today’s reality requires daily clean-ups with database optimisations, weekly updates and upgrades for both free & premium modules, plus the occasional emergency changes when critical vulnerabilities are publicly disclosed without patches. Order WP Cross-Site Request Forgery Patch Management.
Security is not a single-task job
Need managed WP Security and got no clue where to start? Hire an expert. Pay a coffee per week, its cheaper than 1 hour for a freelancer.
Not sure that our recurrent security offer is worthy of long-term consideration? Contact us today for a Cross-Site Request Forgery audit! Decide after you compare RISK + IMPACT versus COST.
We’re passionate about helping you grow and make your impact Continue being informed Email (*double opt-in) Vulnerability reports (monthly) owlpower services (monthly) INSPIRATION (weekly) FEATURED (weekly) managed online business for you (tailored for niche needs) NEWS (weekly) Monthly vulnerability reports about WordPress and WooCommerce, plugins, themes. Weekly inspiration, news and…
We’re passionate about helping you grow and make your impact Continue being informed Email (*double opt-in) Vulnerability reports (monthly) owlpower services (monthly) INSPIRATION (weekly) FEATURED (weekly) managed online business for you (tailored for niche needs) NEWS (weekly) Monthly vulnerability reports about WordPress and WooCommerce, plugins, themes. Weekly inspiration, news and…
We’re passionate about helping you grow and make your impact Continue being informed Email (*double opt-in) Vulnerability reports (monthly) owlpower services (monthly) INSPIRATION (weekly) FEATURED (weekly) managed online business for you (tailored for niche needs) NEWS (weekly) Monthly vulnerability reports about WordPress and WooCommerce, plugins, themes. Weekly inspiration, news and…
We’re passionate about helping you grow and make your impact Continue being informed Email (*double opt-in) Vulnerability reports (monthly) owlpower services (monthly) INSPIRATION (weekly) FEATURED (weekly) managed online business for you (tailored for niche needs) NEWS (weekly) Monthly vulnerability reports about WordPress and WooCommerce, plugins, themes. Weekly inspiration, news and…
We’re passionate about helping you grow and make your impact
Continue being informed
Monthly vulnerability reports about WordPress and WooCommerce, plugins, themes.
Weekly inspiration, news and occasional with hand-picked deals. Unsubscribe anytime.
