The Stop Spammers Classic plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2026.1. This is due to missing nonce validation in the ss_addtoallowlis
The Stop Registration Spam plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.23. This is due to missing or incorrect nonce validation. This makes
The Anti-Spam: Spam Protection | Block Spam Users, Comments, Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2024.7. This is due to missing
The Peter’s Custom Anti-Spam plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.3. This is due to missing nonce validation on the cas_register_p
The WIP Incoming Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the save_opt
The Simple add pages or posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.0. This is due to missing or incorrect nonce validation. This m
The Newsletter Email Subscribe plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4. This is due to incorrect nonce validation on the nels_settings_pa
The ShopEngine Elementor WooCommerce Builder Addon plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.8.5. This is due to missing nonce validation
The addfreespace plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.1.3. This is due to missing or incorrect nonce validation on a function. This
The Dam Spam plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.8. This is due to missing nonce verification on the pending comment deletion act
The Amazon Scraper plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on a function. This
The WP Promoter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3. This is due to missing or incorrect nonce validation on a function. This mak
The Mailchimp List Subscribe Form plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.0. This is due to missing or incorrect nonce validation on
The wp-greet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.2. This is due to missing or incorrect nonce validation on a function. This makes
The FuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all version
The WP Lead Plus X plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.99. This is due to missing or incorrect nonce validation on several functions. T
The Simple Crypto Shortcodes plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.2. This is due to missing nonce validation on the scs_backend functi
The ShopSite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.10. This is due to missing or incorrect nonce validation on a function. This mak
The Social Media WPCF7 Stop Words plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.3. This is due to missing or incorrect nonce validation on
The Norby AI plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.3. This is due to missing nonce validation on the settings update functionality.
Page 1+ Next →