CSRF に分類される脆弱性に紐づく CVE を、公開年で絞り込みます。一覧は新しい公開が上に来る並びで、CVSS / EPSS のリスク指標でもさらに絞り込めます。
直近の脆弱性公開や傾向を押さえ、セキュリティチームが高リスクな事象や悪用の可能性を素早く把握するためのビューです。
2025 年に公開され、CSRF に分類される CVE を表示しています。 CVE の一覧へ
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2025-31054 | Cross-Site Request Forgery (CSRF) vulnerability in Themefy Bloggie allows Reflected XSS.This issue affects Bloggie: from n/a through 2.0.8. | 7.1 | 0.09% | 2025-12-31 | 2026-06-17 |
| CVE-2025-62123 | Cross-Site Request Forgery (CSRF) vulnerability in inkthemes WP Gmail SMTP wp-gmail-smtp allows Cross Site Request Forgery.This issue affects WP Gmail SMTP: from n/a through <= 1.0.7. | 4.3 | 0.12% | 2025-12-31 | 2026-06-17 |
| CVE-2025-62113 | Cross-Site Request Forgery (CSRF) vulnerability in emendo_seb Co-marquage service-public.fr co-marquage-service-public allows Cross Site Request Forgery.This issue affects Co-marquage service-public.fr: from n/a through <= 0.5.77. | 4.3 | 0.12% | 2025-12-31 | 2026-06-17 |
| CVE-2025-62101 | Cross-Site Request Forgery (CSRF) vulnerability in Omid Shamloo Pardakht Delkhah pardakht-delkhah allows Cross Site Request Forgery.This issue affects Pardakht Delkhah: from n/a through <= 3.0.0. | 4.3 | 0.12% | 2025-12-31 | 2026-06-17 |
| CVE-2025-63040 | Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal Post Snippets post-snippets allows Cross Site Request Forgery.This issue affects Post Snippets: from n/a through <= 4.0.11. | 4.3 | 0.10% | 2025-12-31 | 2026-06-17 |
| CVE-2025-63014 | Cross-Site Request Forgery (CSRF) vulnerability in Serhii Pasyuk Gmedia Photo Gallery grand-media allows Cross Site Request Forgery.This issue affects Gmedia Photo Gallery: from n/a through <= 1.25.0. | 4.3 | 0.10% | 2025-12-31 | 2026-06-17 |
| CVE-2025-62148 | Cross-Site Request Forgery (CSRF) vulnerability in Eugen Bobrowski Robots.txt rewrite robotstxt-rewrite allows Cross Site Request Forgery.This issue affects Robots.txt rewrite: from n/a through <= 1.6.1. | 4.3 | 0.10% | 2025-12-31 | 2026-06-17 |
| CVE-2025-62133 | Cross-Site Request Forgery (CSRF) vulnerability in manidoraisamy FormFacade formfacade allows Cross Site Request Forgery.This issue affects FormFacade: from n/a through <= 1.4.1. | 4.3 | 0.10% | 2025-12-31 | 2026-06-17 |
| CVE-2025-62089 | Cross-Site Request Forgery (CSRF) vulnerability in MERGADO Mergado Pack mergado-marketing-pack allows Cross Site Request Forgery.This issue affects Mergado Pack: from n/a through <= 4.2.1. | 4.3 | 0.10% | 2025-12-31 | 2026-06-17 |
| CVE-2025-62084 | Cross-Site Request Forgery (CSRF) vulnerability in Imdad Next Web iNext Woo Pincode Checker inext-woo-pincode-checker allows Cross Site Request Forgery.This issue affects iNext Woo Pincode Checker: from n/a through <= 2.3.1. | 4.3 | 0.10% | 2025-12-31 | 2026-06-17 |
| CVE-2025-62080 | Cross-Site Request Forgery (CSRF) vulnerability in Channelize.io Team Live Shopping & Shoppable Videos For WooCommerce live-shopping-video-streams allows Cross Site Request Forgery.This issue affects Live Shopping & Shoppable Videos For WooCommerce: from n/a through <= 2.2.0. | 4.3 | 0.10% | 2025-12-31 | 2026-06-17 |
| CVE-2025-59130 | Cross-Site Request Forgery (CSRF) vulnerability in appointify Appointify appointify allows Cross Site Request Forgery.This issue affects Appointify: from n/a through <= 1.0.8. | 4.3 | 0.10% | 2025-12-31 | 2026-06-17 |
| CVE-2025-62134 | Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Contact Form Widget new-contact-form-widget allows Cross Site Request Forgery.This issue affects Contact Form Widget: from n/a through <= 1.5.1. | 5.4 | 0.10% | 2025-12-31 | 2026-06-17 |
| CVE-2025-62120 | Cross-Site Request Forgery (CSRF) vulnerability in Rick Beckman OpenHook thesis-openhook allows Cross Site Request Forgery.This issue affects OpenHook: from n/a through <= 4.3.1. | 5.4 | 0.10% | 2025-12-31 | 2026-06-17 |
| CVE-2025-62117 | Cross-Site Request Forgery (CSRF) vulnerability in Jayce53 EasyIndex easyindex allows Cross Site Request Forgery.This issue affects EasyIndex: from n/a through <= 1.1.1704. | 5.4 | 0.10% | 2025-12-31 | 2026-06-17 |
| CVE-2025-62992 | Cross-Site Request Forgery (CSRF) vulnerability in everestthemes Everest Backup everest-backup allows Path Traversal.This issue affects Everest Backup: from n/a through <= 2.3.11. | 6.5 | 0.17% | 2025-12-31 | 2026-06-17 |
| CVE-2025-49028 | Cross-Site Request Forgery (CSRF) vulnerability in Zoho Mail Zoho ZeptoMail transmail allows Stored XSS.This issue affects Zoho ZeptoMail: from n/a through <= 3.3.1. | 7.1 | 0.09% | 2025-12-31 | 2026-06-17 |
| CVE-2025-68885 | Cross-Site Request Forgery (CSRF) vulnerability in page-carbajal Custom Post Status custom-post-status allows Stored XSS.This issue affects Custom Post Status: from n/a through <= 1.1.0. | 7.1 | 0.10% | 2025-12-31 | 2026-06-17 |
| CVE-2025-49354 | Cross-Site Request Forgery (CSRF) vulnerability in Mindstien Technologies Recent Posts From Each Category recent-posts-from-each-category allows Stored XSS.This issue affects Recent Posts From Each Category: from n/a through <= 1.4. | 7.1 | 0.10% | 2025-12-31 | 2026-06-17 |
| CVE-2025-49353 | Cross-Site Request Forgery (CSRF) vulnerability in Marcin Kijak Noindex by Path noindex-by-path allows Stored XSS.This issue affects Noindex by Path: from n/a through <= 1.0. | 7.1 | 0.10% | 2025-12-31 | 2026-06-17 |