Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by CWE-352
Angry Yack Logo
Total 8760 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-47785 1 Kreaturamedia 1 Layerslider 2024-11-21 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in LayerSlider plugin <= 7.7.9 versions.
CVE-2023-47781 1 Thrivethemes 1 Thrive Themes Builder 2024-11-21 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Thrive Themes Thrive Theme Builder < 3.24.2 versions.
CVE-2023-47775 1 Gvectors 1 Wpdiscuz 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team Comments — wpDiscuz plugin <= 7.6.11 versions.
CVE-2023-47765 1 Codebard 1 Codebard\'s Patron Button And Widgets For Patreon 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in CodeBard CodeBard's Patron Button and Widgets for Patreon plugin <= 2.1.9 versions.
CVE-2023-47758 1 Mondula 1 Multi Step Form 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Mondula GmbH Multi Step Form plugin <= 1.7.11 versions.
CVE-2023-47757 1 Aweber 1 Aweber 2024-11-21 N/A 4.3 MEDIUM
Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in AWeber AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth allows Accessing Functionality Not Properly Constrained by ACLs, Cross-Site Request Forgery.This issue affects AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth: from n/a through 7.3.9.
CVE-2023-47718 1 Ibm 2 Maximo Application Suite, Maximo Asset Management 2024-11-21 N/A 4.3 MEDIUM
IBM Maximo Asset Management 7.6.1.3 and Manage Component 8.10 through 8.11 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 271843.
CVE-2023-47688 1 Alexufo 1 Youtube Speedload 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Alexufo Youtube SpeedLoad plugin <= 0.6.3 versions.
CVE-2023-47687 1 Vjinfotech 1 Woo Custom And Sequential Order Number 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in VJInfotech Woo Custom and Sequential Order Number plugin <= 2.6.0 versions.
CVE-2023-47686 1 Kibokolabs 1 Arigato Autoresponder And Newsletter 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.2.2 versions.
CVE-2023-47685 1 Nkb-bd 1 Preloader Matrix 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Lukman Nakib Preloader Matrix.This issue affects Preloader Matrix: from n/a through 2.0.1.
CVE-2023-47672 1 Swashata 1 Wp Category Post List Widget 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Swashata WP Category Post List Widget.This issue affects WP Category Post List Widget: from n/a through 2.0.3.
CVE-2023-47671 1 Gopiplus 1 Vertical Scroll Recent Registered User 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Gopi Ramasamy Vertical scroll recent.This issue affects Vertical scroll recent post: from n/a through 14.0.
CVE-2023-47670 1 Icansoft 1 Korea Sns 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Jongmyoung Kim Korea SNS.This issue affects Korea SNS: from n/a through 1.6.3.
CVE-2023-47669 1 Cozmoslabs 1 Profile Builder 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin <= 3.10.3 versions.
CVE-2023-47667 1 Paymentsplugin 1 Wp Full Stripe Free 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Mammothology WP Full Stripe Free.This issue affects WP Full Stripe Free: from n/a through 7.0.16.
CVE-2023-47666 1 Code Snippets 1 Code Snippets 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Code Snippets Pro Code Snippets.This issue affects Code Snippets: from n/a through 3.5.0.
CVE-2023-47664 1 Plainviewplugins 1 Plainview Protect Passwords 2024-11-21 N/A 6.5 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in edward_plainview Plainview Protect Passwords.This issue affects Plainview Protect Passwords: from n/a through 1.4.
CVE-2023-47655 1 Wpgov 1 Anac Xml Bandi Di Gara 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Marco Milesi ANAC XML Bandi di Gara.This issue affects ANAC XML Bandi di Gara: from n/a through 7.5.
CVE-2023-47651 1 Wplinkspage 1 Wp Links Page 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Robert Macchi WP Links Page.This issue affects WP Links Page: from n/a through 4.9.4.
CVE-2023-47650 1 Petersterling 1 Add Local Avatar 2024-11-21 N/A 6.5 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Peter Sterling Add Local Avatar.This issue affects Add Local Avatar: from n/a through 12.1.
CVE-2023-47649 1 Pricelisto 1 Best Restaurant Menu 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in PriceListo Best Restaurant Menu by PriceListo.This issue affects Best Restaurant Menu by PriceListo: from n/a through 1.3.1.
CVE-2023-47645 1 Metagauss 1 Registrationmagic 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in RegistrationMagic RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login allows Cross Site Request Forgery.This issue affects RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login: from n/a through 5.2.2.6.
CVE-2023-47644 1 Metagauss 1 Profilegrid 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in profilegrid ProfileGrid – User Profiles, Memberships, Groups and Communities.This issue affects ProfileGrid – User Profiles, Memberships, Groups and Communities: from n/a through 5.6.6.
CVE-2023-47578 1 Relyum 4 Rely-pcie, Rely-pcie Firmware, Rely-rec and 1 more 2024-11-21 N/A 8.8 HIGH
Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery (CSRF) attacks due to the absence of CSRF protection in the web interface.
CVE-2023-47556 1 Jamesmehorter 1 Device Theme Switcher 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in James Mehorter Device Theme Switcher.This issue affects Device Theme Switcher: from n/a through 3.0.2.
CVE-2023-47553 1 Userlocal 1 Userheat Plugin 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in User Local Inc UserHeat Plugin.This issue affects UserHeat Plugin: from n/a through 1.1.6.
CVE-2023-47552 1 Webdevocean 1 Image Hover Effects 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Labib Ahmed Image Hover Effects – WordPress Plugin.This issue affects Image Hover Effects – WordPress Plugin: from n/a through 5.5.
CVE-2023-47551 1 Rednao 1 Donations Made Easy - Smart Donations 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in RedNao Donations Made Easy – Smart Donations.This issue affects Donations Made Easy – Smart Donations: from n/a through 4.0.12.
CVE-2023-47550 1 Rednao 1 Donations Made Easy - Smart Donations 2024-11-21 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in RedNao Donations Made Easy – Smart Donations allows Stored XSS.This issue affects Donations Made Easy – Smart Donations: from n/a through 4.0.12.
CVE-2023-47531 1 Droitthemes 1 Droit Dark Mode 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in DroitThemes Droit Dark Mode.This issue affects Droit Dark Mode: from n/a through 1.1.2.
CVE-2023-47519 1 Wcproducttable 1 Woocommerce Product Table Lite 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in WC Product Table WooCommerce Product Table Lite.This issue affects WooCommerce Product Table Lite: from n/a through 2.6.2.
CVE-2023-47516 1 Starkdigital 1 Category Post List Widget 2024-11-21 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Stark Digital Category Post List Widget allows Stored XSS.This issue affects Category Post List Widget: from n/a through 2.0.
CVE-2023-47350 1 Swiftyedit 1 Swiftyedit 2024-11-21 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in SwiftyEdit Content Management System prior to v1.2.0, allows remote attackers to escalate privileges via the user password update functionality.
CVE-2023-47326 1 Silverpeas 1 Silverpeas 2024-11-21 N/A 8.8 HIGH
Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) via the Domain SQL Create function.
CVE-2023-47322 1 Silverpeas 1 Silverpeas 2024-11-21 N/A 8.8 HIGH
The "userModify" feature of Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) leading to privilege escalation. If an administrator goes to a malicious URL while being authenticated to the Silverpeas application, the CSRF with execute making the attacker an administrator user in the application.
CVE-2023-47243 1 Codemshop 1 Mshop My Site 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in CodeMShop 코드엠샵 마이사이트 – MSHOP MY SITE.This issue affects 코드엠샵 마이사이트 – MSHOP MY SITE: from n/a through 1.1.6.
CVE-2023-47230 1 Cimatti 1 Wordpress Contact Forms 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin <= 1.6.0 versions.
CVE-2023-47186 1 Kadencewp 1 Kadence Woocommerce Email Designer 2024-11-21 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Kadence WP Kadence WooCommerce Email Designer plugin <= 1.5.11 versions.
CVE-2023-47182 1 Nazmulhossainnihal 1 Login Screen Manager 2024-11-21 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) leading to a Stored Cross-Site Scripting (XSS) vulnerability in Nazmul Hossain Nihal Login Screen Manager plugin <= 3.5.2 versions.