Explore CVEs related to CSRF vulnerabilities, filtered by published year. This list is sorted by most recent disclosures first and supports filtering by CVSS and EPSS risk scores.
Includes the most recent vulnerability disclosures and trends, helping security teams quickly identify high-risk issues and exploitation likelihood.
You're viewing CSRF CVEs published in 2025. View full CVE list
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2025-31054 | Cross-Site Request Forgery (CSRF) vulnerability in Themefy Bloggie bloggie allows Reflected XSS.This issue affects Bloggie: from n/a through <= 2.0.8. | 7.1 | 0.01% | 2025-12-31 | 2026-04-23 |
| CVE-2025-62123 | Cross-Site Request Forgery (CSRF) vulnerability in inkthemes WP Gmail SMTP wp-gmail-smtp allows Cross Site Request Forgery.This issue affects WP Gmail SMTP: from n/a through <= 1.0.7. | 4.3 | 0.01% | 2025-12-31 | 2026-04-23 |
| CVE-2025-62113 | Cross-Site Request Forgery (CSRF) vulnerability in emendo_seb Co-marquage service-public.fr co-marquage-service-public allows Cross Site Request Forgery.This issue affects Co-marquage service-public.fr: from n/a through <= 0.5.77. | 4.3 | 0.01% | 2025-12-31 | 2026-04-23 |
| CVE-2025-62101 | Cross-Site Request Forgery (CSRF) vulnerability in Omid Shamloo Pardakht Delkhah pardakht-delkhah allows Cross Site Request Forgery.This issue affects Pardakht Delkhah: from n/a through <= 3.0.0. | 4.3 | 0.01% | 2025-12-31 | 2026-04-23 |
| CVE-2025-63040 | Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal Post Snippets post-snippets allows Cross Site Request Forgery.This issue affects Post Snippets: from n/a through <= 4.0.11. | 4.3 | 0.01% | 2025-12-31 | 2026-04-23 |
| CVE-2025-63014 | Cross-Site Request Forgery (CSRF) vulnerability in Serhii Pasyuk Gmedia Photo Gallery grand-media allows Cross Site Request Forgery.This issue affects Gmedia Photo Gallery: from n/a through <= 1.25.0. | 4.3 | 0.01% | 2025-12-31 | 2026-04-23 |
| CVE-2025-62148 | Cross-Site Request Forgery (CSRF) vulnerability in Eugen Bobrowski Robots.txt rewrite robotstxt-rewrite allows Cross Site Request Forgery.This issue affects Robots.txt rewrite: from n/a through <= 1.6.1. | 4.3 | 0.01% | 2025-12-31 | 2026-04-23 |
| CVE-2025-62133 | Cross-Site Request Forgery (CSRF) vulnerability in manidoraisamy FormFacade formfacade allows Cross Site Request Forgery.This issue affects FormFacade: from n/a through <= 1.4.1. | 4.3 | 0.01% | 2025-12-31 | 2026-04-23 |
| CVE-2025-62089 | Cross-Site Request Forgery (CSRF) vulnerability in MERGADO Mergado Pack mergado-marketing-pack allows Cross Site Request Forgery.This issue affects Mergado Pack: from n/a through <= 4.2.1. | 4.3 | 0.01% | 2025-12-31 | 2026-04-23 |
| CVE-2025-62084 | Cross-Site Request Forgery (CSRF) vulnerability in Imdad Next Web iNext Woo Pincode Checker inext-woo-pincode-checker allows Cross Site Request Forgery.This issue affects iNext Woo Pincode Checker: from n/a through <= 2.3.1. | 4.3 | 0.01% | 2025-12-31 | 2026-04-23 |
| CVE-2025-62080 | Cross-Site Request Forgery (CSRF) vulnerability in Channelize.io Team Live Shopping & Shoppable Videos For WooCommerce live-shopping-video-streams allows Cross Site Request Forgery.This issue affects Live Shopping & Shoppable Videos For WooCommerce: from n/a through <= 2.2.0. | 4.3 | 0.01% | 2025-12-31 | 2026-04-23 |
| CVE-2025-59130 | Cross-Site Request Forgery (CSRF) vulnerability in appointify Appointify appointify allows Cross Site Request Forgery.This issue affects Appointify: from n/a through <= 1.0.8. | 4.3 | 0.01% | 2025-12-31 | 2026-04-23 |
| CVE-2025-62134 | Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Contact Form Widget new-contact-form-widget allows Cross Site Request Forgery.This issue affects Contact Form Widget: from n/a through <= 1.5.1. | 5.4 | 0.01% | 2025-12-31 | 2026-04-23 |
| CVE-2025-62120 | Cross-Site Request Forgery (CSRF) vulnerability in Rick Beckman OpenHook thesis-openhook allows Cross Site Request Forgery.This issue affects OpenHook: from n/a through <= 4.3.1. | 5.4 | 0.01% | 2025-12-31 | 2026-04-23 |
| CVE-2025-62117 | Cross-Site Request Forgery (CSRF) vulnerability in Jayce53 EasyIndex easyindex allows Cross Site Request Forgery.This issue affects EasyIndex: from n/a through <= 1.1.1704. | 5.4 | 0.01% | 2025-12-31 | 2026-04-23 |
| CVE-2025-62992 | Cross-Site Request Forgery (CSRF) vulnerability in everestthemes Everest Backup everest-backup allows Path Traversal.This issue affects Everest Backup: from n/a through <= 2.3.11. | 6.5 | 0.01% | 2025-12-31 | 2026-04-23 |
| CVE-2025-49028 | Cross-Site Request Forgery (CSRF) vulnerability in Zoho Mail Zoho ZeptoMail transmail allows Stored XSS.This issue affects Zoho ZeptoMail: from n/a through <= 3.3.1. | 7.1 | 0.01% | 2025-12-31 | 2026-04-23 |
| CVE-2025-68885 | Cross-Site Request Forgery (CSRF) vulnerability in page-carbajal Custom Post Status custom-post-status allows Stored XSS.This issue affects Custom Post Status: from n/a through <= 1.1.0. | 7.1 | 0.01% | 2025-12-31 | 2026-04-23 |
| CVE-2025-49354 | Cross-Site Request Forgery (CSRF) vulnerability in Mindstien Technologies Recent Posts From Each Category recent-posts-from-each-category allows Stored XSS.This issue affects Recent Posts From Each Category: from n/a through <= 1.4. | 7.1 | 0.01% | 2025-12-31 | 2026-04-23 |
| CVE-2025-49353 | Cross-Site Request Forgery (CSRF) vulnerability in Marcin Kijak Noindex by Path noindex-by-path allows Stored XSS.This issue affects Noindex by Path: from n/a through <= 1.0. | 7.1 | 0.01% | 2025-12-31 | 2026-04-23 |