Be informed about the latest publicly identified and reported WP Cross-Site Request Forgery vulnerabilities. As these WP CSRF MAR 2025 vulnerabilities have a severe negative impact on any WordPress site's security, consider our security audit. Reports specifically targeting Cross-Site Request Forgery show a 43% decrease compared to the previous month. For your online safety, consider a managed WP/Woo Security AUDIT, or switching to a TOP10LIST alternative WP Security Plugin, or hiring professionals for managed security.
If any of these publicly reported vulnerable plugins are installed on your domain, they open Pandora’s box from a security point of view. The following cases made headlines publicly just last month in the WP CSRF MAR 2025 & WP Cross-Site Request Forgery category:
1 Click WordPress Migration | Cross-Site Request Forgery (CSRF) to Backup Process Cancellation |
A1POST.BG Shipping for Woo | Cross-Site Request Forgery (CSRF) to Privilege Escalation (BAC) |
Add Linked Images To Gallery | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Admin Menu Manager | Cross-Site Request Forgery (CSRF) |
All-In-One Cufon | Cross-Site Request Forgery (CSRF) |
Apptivo Business Site CRM | Cross-Site Request Forgery (CSRF) to IP Address Block |
Auto SEO | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Auto Tag Links | Cross-Site Request Forgery (CSRF) |
Awesome Event Booking | Cross-Site Request Forgery (CSRF) |
Blightly Explorer | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Book a Room | Cross-Site Request Forgery (CSRF) to Settings Update (BAC) |
Booknetic | Cross-Site Request Forgery (CSRF) |
BookPress – For Book Authors | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Bootstrap collapse | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Bulk Content Creator | Cross-Site Request Forgery (CSRF) |
Car Dealer Theme | Cross-Site Request Forgery (CSRF) to User Update from update_user_profile |
Child Themes Helper | Cross-Site Request Forgery (CSRF) to File Deletion (BAC) |
ClickWhale | Cross-Site Request Forgery (CSRF) to Settings Change (BAC) |
Content Snippet Manager | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Custom Comment Notifications | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Custom Links On Admin Dashboard Toolbar | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
DirectoryPress Frontend | Cross-Site Request Forgery (CSRF) to Listing Status Update (BAC) |
Disable Auto Updates | Cross-Site Request Forgery (CSRF) to Auto-update Disable |
DSGVO All in one for WP | Cross-Site Request Forgery (CSRF) to Account Deletion (BAC) |
DX-auto-publish | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Easy Amazon Product Information | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Easy Booked – Appointment Booking and Scheduling Management System for WordPress | Cross-Site Request Forgery (CSRF) |
Easy Related Posts | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Ecwid Shopping Cart | Cross-Site Request Forgery (CSRF) to Send Deactivation Message |
Erima Zarinpal Donate | Cross-Site Request Forgery (CSRF) |
F12-Profiler | Cross-Site Request Forgery (CSRF) |
Facilita Form Tracker | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Filled In | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Flexible Wishlist for WooCommerce | Cross-Site Request Forgery (CSRF) to Wishlist Creation/Modification (BAC) |
Fontsampler | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Fyrebox Quizzes | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Glance That | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Global Meta Keyword & Description | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
GlobalQuran | Cross-Site Request Forgery (CSRF) to Settings Change (BAC) |
Houzez Property Feed | Cross-Site Request Forgery (CSRF) to Property Feed Export Deletion (BAC) |
Indeed API | Cross-Site Request Forgery (CSRF) to Settings Change (BAC) |
Infusionsoft Analytics | Cross-Site Request Forgery (CSRF) |
JPG, PNG Compression and Optimization | Cross-Site Request Forgery (CSRF) |
Just Variables | Cross-Site Request Forgery (CSRF) |
LikeBot | Cross-Site Scripting (XSS) from Cross-Site Request Forgery (CSRF) |
Listings for Appfolio | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
List Urls | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Login-box | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
magayo Lottery Results | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
MemorialDay | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Minimum Password Strength | Cross-Site Request Forgery (CSRF) |
Mortgage Lead Capture System | Cross-Site Request Forgery (CSRF) to Settings Reset |
Munk Sites | Cross-Site Request Forgery (CSRF) to Plugin Installation (BAC) |
My Login Logout Plugin | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Namaste! LMS | Cross-Site Request Forgery (CSRF) |
Naver Syndication V2 | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Önceki Yazı Link | Cross-Site Request Forgery (CSRF) |
OneStore Sites | Cross-Site Request Forgery (CSRF) to Plugin Installation (BAC) |
On Page SEO + Whatsapp Chat Button | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Option Editor | Cross-Site Request Forgery (CSRF) to Options Update (BAC) |
Page/Post Specific Social Share Buttons | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Phee's LinkPreview | Cross-Site Request Forgery (CSRF) |
Photo Gallery ( Responsive ) | Cross-Site Request Forgery (CSRF) to Privilege Escalation (BAC) |
Post Thumbs | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Print PDF Generator and Publisher | Cross-Site Request Forgery (CSRF) |
Quote Comments | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
RateMyAgent Official | Cross-Site Request Forgery (CSRF) to API Key Update |
RAYS Grid | Cross-Site Request Forgery (CSRF) |
Read More Copy Link | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Related Posts Line-up-Exactly by Milliard | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Reset | Cross-Site Request Forgery (CSRF) to Database Reset |
Royal Elementor Addons | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
RSS Filter | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
School Management System – SakolaWP | Cross-Site Request Forgery (CSRF) to Exam Setting Manipulation (BAC) |
ShopSite | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Shopwarden | Cross-Site Request Forgery (CSRF) to Options Update (BAC) |
Show notice or message on admin area | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Simple Auto Tag | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Simple Documentation | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Simple Google Sitemap | Cross-Site Request Forgery (CSRF) |
Simple Responsive Menu | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Simple User Profile | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Smart DoFollow | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Smart Maintenance & Countdown | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Songkick Concerts and Festivals | Cross-Site Request Forgery (CSRF) |
SpeedSize Image & Video AI-Optimizer | Cross-Site Request Forgery (CSRF) to Clear Cache |
StaffList | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Starter Templates by FancyWP | Cross-Site Request Forgery (CSRF) to Plugin Installation (BAC) |
Style Tweaker | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Subscriptions & Memberships for PayPal | Cross-Site Request Forgery (CSRF) to Post Deletion (BAC) |
Theasys | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Theme Options Z | Cross-Site Request Forgery (CSRF) |
TinyMCE Advanced qTranslate fix editor problems | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Tribulant Gallery Voting | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Ultimate Classified Listings | Cross-Site Request Forgery (CSRF) to Account Takeover (BAC) |
URL-Preview-Box | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Vignette Ads | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
VikBooking Hotel Booking Engine & PMS | Cross-Site Request Forgery (CSRF) to Settings Change (BAC) |
what3words Address Field | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Wibiya Toolbar | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Woocommerce – Loi Hamon | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
WooCommerce Recargo de Equivalencia | Cross-Site Request Forgery (CSRF) |
WordPress File Upload (BAC) | Cross-Site Request Forgery (CSRF) in wfu_file_details |
WP Abstracts | Cross-Site Request Forgery (CSRF) to Account Deletion (BAC) |
WP Admin Custom Page | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
WP All Import | Cross-Site Request Forgery (CSRF) to Imported Content Deletion (BAC) |
WP All Import Pro | Cross-Site Request Forgery (CSRF) to Imported Content Deletion (BAC) |
WP Custom Post RSS Feed | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
WP Finance | Cross-Site Scripting (XSS) from Cross-Site Request Forgery (CSRF) |
WP Find Your Nearest | Cross-Site Request Forgery (CSRF) to Settings Change (BAC) |
WP Html Page Sitemap | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
WP Keyword Monitor | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
WP Media Category Management | Cross-Site Request Forgery (CSRF) to Settings Update (BAC) |
WP PHPList | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
WP-PostRatings Cheater | Cross-Site Request Forgery (CSRF) |
WP Projects Portfolio | Cross-Site Scripting (XSS) from Cross-Site Request Forgery (CSRF) |
Wp Social | Cross-Site Request Forgery (CSRF) to Settings Update (BAC) |
WP Social Stream | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
WP Spell Check | Cross-Site Request Forgery (CSRF) |
WP System Log | Cross-Site Request Forgery (CSRF) |
WPUpper Share Buttons | Cross-Site Request Forgery (CSRF) to Custom CSS Update |
WP Video Posts | Cross-Site Request Forgery (CSRF) to Remote Code Execution (RCE) |
ZMSEO | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
无觅相关文章插件 | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
WordPress CSRF & Cross-Site Request Forgery reported in 2023: | 949 |
WordPress CSRF & Cross-Site Request Forgery reported in 2024: | 876 |
WordPress CSRF & Cross-Site Request Forgery reported in 2025: | 452 |