managed social media 📲 Publish from your content to your 🌐 Social Media: Auto publish Content, Schedule Content, Quick share Content, Revive Old Content.
Be informed about the latest WP Cross-Site Request Forgery, identified and reported publicly. As these WP CSRF MAY 2025 vulnerabilities have a severe negative impact on any WordPress Security, consider our security audit. It is a +50% INCREASE, compared to previous month, as specifically targeted Cross-Site Request Forgeries. Consider for your online safety, a managed WP/Woo Security AUDIT, – OR – switching with a TOP10LIST alternative WP Security Plugin - OR - Hire professionals for managed Security.
As these Cross-Site Request Forgeries cases from publicly reported vulnerable plugins are on your domain, it opens Pandora’s box from a security point of view. The following cases made headlines PUBLICLY just last month in the WP CSRF MAY 2025 & WP Cross-Site Request Forgery category:
| 1 Decembrie 1918 | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| 404 Image Redirection (Replace Broken Images) | Cross-Site Request Forgery (CSRF) |
| AB Google Map Travel | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Add Google +1 (Plus one) social share Button | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Add to Header | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Administrator Z | Cross-Site Request Forgery (CSRF) |
| Advanced All in One Admin Search by WP Spotlight | Cross-Site Request Forgery (CSRF) |
| Advanced Dynamic Pricing for WooCommerce | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| Advanced lazy load | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Advanced Search by My Solr Server | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Advanced Speed Increaser | Cross-Site Request Forgery (CSRF) |
| Advanced Tag Lists | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| AF Tell a Friend | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| affiliate-toolkit | Cross-Site Request Forgery (CSRF) |
| AI Content Creator | Cross-Site Request Forgery (CSRF) |
| Ajax Comment Form CST | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| ALD Login Page | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| All in One Time Clock Lite | Cross-Site Request Forgery (CSRF) |
| All push notification for WP | Cross-Site Request Forgery (CSRF) and SQL Injection (SQLi) |
| Amazon Showcase WordPress Plugin | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Anant Addons for Elementor | Cross-Site Request Forgery (CSRF) and Arbitrary Plugin Installation (BAC) |
| Anthologize | Cross-Site Request Forgery (CSRF) |
| Apimo Connector | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| Append Content | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| Appointment Booking Calendar | Cross-Site Request Forgery (CSRF) and SQL Injection (SQLi) |
| Appointy Appointment Scheduler | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| Arkhe Theme | Cross-Site Request Forgery (CSRF) and Local File Inclusion (LFi) |
| Author Box Plugin With Different Description | Cross-Site Request Forgery (CSRF) |
| Availability Calendar | Cross-Site Request Forgery (CSRF) |
| Basic Interactive World Map | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| bbPress2 shortcode whitelist | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Best Posts Summary | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Bknewsticker | Cross-Site Request Forgery (CSRF) |
| Breaking News WP | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| Brizy Pro | Cross-Site Request Forgery (CSRF) |
| Broadstreet | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| Broken Links Remover | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Buddypress Humanity | Cross-Site Request Forgery (CSRF) and Privilege Escalation (BAC) |
| Bulk Theme Product Sync | Cross-Site Request Forgery (CSRF) |
| Bulk Theme Term Editor | Cross-Site Request Forgery (CSRF) |
| Cache control by Cacholong | Cross-Site Request Forgery (CSRF) |
| Call Now PHT Blog | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| CG Scroll To Top | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Chat2 | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| CheckBot | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| ChillPay WooCommerce | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Clearbit Reveal | Cross-Site Request Forgery (CSRF) |
| Clearfy Cache | Cross-Site Request Forgery (CSRF) and Plugin Settings Update from 'setup-wbcr_clearfy' |
| CLP – Custom Login Page by NiteoThemes | Cross-Site Request Forgery (CSRF) |
| CM Ad Changer | Cross-Site Request Forgery (CSRF) |
| CM Answers | Cross-Site Request Forgery (CSRF) |
| Codescar Radio Widget | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Comment Validation Reloaded | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Conditional Payments for WooCommerce | Cross-Site Request Forgery (CSRF) |
| Conditional Shipping for WooCommerce | Cross-Site Request Forgery (CSRF) |
| Contact Form 7 Calendar | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Contact Form by Supsystic | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) from saveAsCopy AJAX Action |
| Custom CSS, JS & PHP | Cross-Site Request Forgery (CSRF) and Remote Code Execution (RCE) |
| Custom Functions Plugin | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Custom Posts Order | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Custom Smilies | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Customize Login Page | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| Czater.pl – live chat i telefon | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Dashboard Notepads | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| DeBounce Email Validator | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| DesignO | Cross-Site Request Forgery (CSRF) |
| DirectoryPress | Cross-Site Request Forgery (CSRF) |
| DN Footer Contacts | Cross-Site Request Forgery (CSRF) |
| Doppler Forms | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Drop Caps | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Easy Child Theme Creator | Cross-Site Request Forgery (CSRF) |
| Easy Custom CSS | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Easy!Appointments | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| Easyfonts | Cross-Site Request Forgery (CSRF) |
| Ebook Downloader | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| ElementsReady Addons for Elementor | Cross-Site Request Forgery (CSRF) |
| Elfsight Testimonials Slider | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| Embed Extended | Cross-Site Request Forgery (CSRF) |
| ePaper Lister for Yumpu | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Epeken All Kurir | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Essential Breadcrumbs | Cross-Site Request Forgery (CSRF) and Privilege Escalation (BAC) |
| Ever Accounting | Cross-Site Request Forgery (CSRF) |
| Feedbucket – Website Feedback Tool | Cross-Site Request Forgery (CSRF) |
| Flags Widget | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Foliopress WYSIWYG | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| FraudLabs Pro for WooCommerce | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Freetobook Responsive Widget | Cross-Site Request Forgery (CSRF) |
| FrescoChat Live Chat | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Google News | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Google SEO Pressor Snippet | Cross-Site Request Forgery (CSRF) |
| Grand Restaurant WordPress Theme | Cross-Site Request Forgery (CSRF) |
| Hacklog Remote Attachment | Cross-Site Request Forgery (CSRF) |
| illow – Cookies Consent | Cross-Site Request Forgery (CSRF) |
| InPost Gallery | Cross-Site Request Forgery (CSRF) |
| Insert Headers And Footers | Cross-Site Request Forgery (CSRF) and Arbitrary Options Update (BAC) |
| Integration for WooCommerce and QuickBooks | Cross-Site Request Forgery (CSRF) |
| Interactive US Map | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Internal Link Optimiser | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| IP2Location Variables | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| IP2Location World Clock | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| JobWP | Cross-Site Request Forgery (CSRF) |
| JSON Structuring Markup | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| KeyCAPTCHA | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| KiotViet Sync | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Labinator Content Types Duplicator | Cross-Site Request Forgery (CSRF) |
| Language Field | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Leadfox for WordPress | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Libro de Reclamaciones y Quejas | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Link Shield | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Listings for Buildium | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Loan Calculator | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| LSD Custom taxonomy and category meta | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| LuckyWP Table of Contents | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Mergado Pack | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Milat jQuery Automatic Popup | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| mLanguage | Cross-Site Request Forgery (CSRF) |
| MMX – Make Me Christmas | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Modern Polls | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| More Mime Type Filters | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Multi Days Events and Multi Events in One Day Calendar | Cross-Site Request Forgery (CSRF) |
| MultiMailer | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Multiple Location Google Map | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| My auctions allegro | Cross-Site Request Forgery (CSRF) |
| My Marginalia | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Navegg Analytics | Cross-Site Request Forgery (CSRF) |
| Nepali Date Utilities | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| NewsBoard Post and RSS Scroller | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Nimbata Call Tracking | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Nino Social Connect | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| occupancyplan | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Official CleverReach Plugin for WooCommerce | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| OwnerRez | Cross-Site Request Forgery (CSRF) |
| Pagopar – WooCommerce Gateway | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| PayPal Express Checkout | Cross-Site Request Forgery (CSRF) |
| Pearl | Cross-Site Request Forgery (CSRF) |
| PlainInventory | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Plugin Central | Cross-Site Request Forgery (CSRF) and Arbitrary File Deletion (BAC) |
| Plugin Upgrade Time Out | Cross-Site Scripting (XSS) from Cross-Site Request Forgery (CSRF) |
| Post to Social Media – WordPress to Hootsuite | Cross-Site Request Forgery (CSRF) |
| PostmarkApp Email Integrator | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Print Science Designer | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Product Notices for WooCommerce | Cross-Site Request Forgery (CSRF) |
| QR Code Tag for WC | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| QuadMenu | Cross-Site Request Forgery (CSRF) and Limited User Meta Update |
| Query Wrangler | Cross-Site Request Forgery (CSRF) |
| RDP Wiki Embed | Cross-Site Request Forgery (CSRF) |
| Read More & Accordion | Cross-Site Request Forgery (CSRF) and Local File Inclusion (LFi) |
| reCAPTCHA Jetpack | Cross-Site Request Forgery (CSRF) |
| Recover abandoned cart for WooCommerce | Cross-Site Request Forgery (CSRF) |
| Redirect wordpress to welcome or landing page | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Related Posts from Taxonomies | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Related Posts Widget with Thumbnails | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| RentSyst | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Restrict User Registration | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| REVE Chat | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Review Wave – Google Places Reviews | Cross-Site Request Forgery (CSRF) |
| Revision Diet | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Rich Text Editor | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Right Click Disable OR Ban | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Rio Video Gallery | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Rollbar | Cross-Site Request Forgery (CSRF) |
| RSS Manager | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Scheduled | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Script Compressor | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| SCSS WP Editor | Cross-Site Request Forgery (CSRF) |
| SCSS-Library | Cross-Site Request Forgery (CSRF) |
| Seo Meta Tags | Cross-Site Request Forgery (CSRF) and Privilege Escalation (BAC) |
| SEO, Nutrition and Print for Recipes by Edamam | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Sequential Order Numbers for WooCommerce | Cross-Site Request Forgery (CSRF) |
| Seraphinite Accelerator | Cross-Site Request Forgery (CSRF) and Multiple Administrative Actions |
| ShareThis Dashboard for Google Analytics | Cross-Site Request Forgery (CSRF) |
| Sidebar Manager Light | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Simple calendar for Elementor | Cross-Site Request Forgery (CSRF) |
| Simple Contact Forms | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Simple Fixed Notice | Cross-Site Request Forgery (CSRF) |
| Simple Maps | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Simple Post Meta Manager | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Site Search 360 | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Site Table of Contents | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Smart Product Gallery Slider | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Social Bookmarking RELOADED | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Social Crowd | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Social Media Links | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| spam-stopper | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Spoiler Block | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Style Manager | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| SwiftXR (3D/AR/VR) Viewer | Cross-Site Request Forgery (CSRF) |
| Table Block by RioVizual | Cross-Site Request Forgery (CSRF) |
| Tabs | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| The World | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Theme Changer | Cross-Site Request Forgery (CSRF) |
| Theme Duplicator | Cross-Site Request Forgery (CSRF) |
| Time Based Greeting | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| translit it! | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Twitter Card Generator | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| TZ PlusGallery | Cross-Site Request Forgery (CSRF) |
| Ultra Demo Importer | Cross-Site Request Forgery (CSRF) and Remote Code Execution (RCE) |
| UltraAddons Elementor Lite | Cross-Site Request Forgery (CSRF) |
| Unsafe Mimetypes | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Uptime Robot Plugin for WordPress | Cross-Site Request Forgery (CSRF) |
| Useinfluence | Cross-Site Request Forgery (CSRF) |
| User Registration & Membership Pro | Cross-Site Request Forgery (CSRF) and User Deletion |
| User Registration Using Contact Form 7 | Cross-Site Request Forgery (CSRF) |
| User Session Synchronizer | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Varnish WordPress | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Vasaio QR Code | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Verge3D | Cross-Site Request Forgery (CSRF) |
| VikRestaurants Table Reservations and Take-Away | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Vite Coupon | Cross-Site Request Forgery (CSRF) and Remote Code Execution (RCE) |
| VKontakte Cross-Post | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Web Directory Free | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Windows Live Writer | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Wishlist | Cross-Site Request Forgery (CSRF) |
| Woffice Core | Cross-Site Request Forgery (CSRF) and User Registration Approval |
| Woocommerce Role Pricing | Cross-Site Request Forgery (CSRF) |
| WooCommerce Social Login | Cross-Site Request Forgery (CSRF) |
| WordPress Events Calendar Plugin – connectDaily | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| wordpress related Posts with thumbnails | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WordPress Spam Blocker | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Abstracts | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Calais Auto Tagger | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Church Donation | Cross-Site Request Forgery (CSRF) |
| WP Copy Media URL | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Wp Custom CMS Block | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Filter Post Category | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Map Route Planner | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Performance Pack | Cross-Site Request Forgery (CSRF) |
| WP Profitshare | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Project Manager | Cross-Site Request Forgery (CSRF) |
| WP SexyLightBox | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP shop | Cross-Site Request Forgery (CSRF) and Arbitrary File Upload (BAC) |
| WP Show Stats | Cross-Site Request Forgery (CSRF) |
| WP Social Bookmarking | Cross-Site Request Forgery (CSRF) |
| WP Sticky Side Buttons | Cross-Site Request Forgery (CSRF) |
| wp Time Machine | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Tools | Cross-Site Request Forgery (CSRF) and Arbitrary File Deletion (BAC) |
| WP Twitter Button | Cross-Site Request Forgery (CSRF) |
| WP w3all phpBB | Cross-Site Request Forgery (CSRF) |
| WP w3all phpBB | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms | Cross-Site Request Forgery (CSRF) and Settings Change (BAC) |
| wp-cyr-cho | Cross-Site Request Forgery (CSRF) |
| WP-Easy Menu | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP-Planification | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WPFront User Role Editor | Cross-Site Request Forgery (CSRF) and Privilege Escalation (BAC) from whitelist_options Function |
| WPJobBoard | Cross-Site Request Forgery (CSRF) and Remote Code Execution (RCE) |
| WPJobBoard | Multiple Cross-Site Request Forgery (CSRF) vulnerabilities |
| WPSolr | Cross-Site Request Forgery (CSRF) and Privilege Escalation (BAC) |
| WPVN | Cross-Site Request Forgery (CSRF) |
| WpZon – Amazon Affiliate Plugin | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WS Audio Player | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Zalo Official Live Chat | Cross-Site Request Forgery (CSRF) |
| WordPress CSRF & Cross-Site Request Forgery reported in 2023: | 949 |
| WordPress CSRF & Cross-Site Request Forgery reported in 2024: | 876 |
| WordPress CSRF & Cross-Site Request Forgery reported in 2025: | 870 |
How wonderful would be to simply let others take care of your chores? We absolutely understand why you would want that. This is why we propose this unique campaign: the price of a premium cup of coffee per week, for your first managed service.
Start simply by contacting us with your selections: