Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by CWE-352
Angry Yack Logo
Total 8760 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-47014 1 Remyandrade 1 Sticky Notes App 2024-11-21 N/A 6.5 MEDIUM
A Cross-Site Request Forgery (CSRF) vulnerability in Sourcecodester Sticky Notes App Using PHP with Source Code v.1.0 allows a local attacker to obtain sensitive information via a crafted payload to add-note.php.
CVE-2023-46781 1 Rolandmurg 1 Current Menu Item For Custom Post Types 2024-11-21 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Roland Murg Current Menu Item for Custom Post Types plugin <= 1.5 versions.
CVE-2023-46780 1 Altersoftware 1 Alter 2024-11-21 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Alter plugin <= 1.0 versions.
CVE-2023-46779 1 Easyrecipe Project 1 Easyrecipe 2024-11-21 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in EasyRecipe plugin <= 3.5.3251 versions.
CVE-2023-46778 1 Thefreewindows 1 Auto Limit Posts Reloaded 2024-11-21 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in TheFreeWindows Auto Limit Posts Reloaded plugin <= 2.5 versions.
CVE-2023-46777 1 Featherplugins 1 Custom Login Page \| Temporary Users \| Rebrand Login \| Login Captcha 2024-11-21 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Custom Login Page | Temporary Users | Rebrand Login | Login Captcha plugin <= 1.1.3 versions.
CVE-2023-46776 1 Josie 1 Auto Excerpt Everywhere 2024-11-21 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Serena Villa Auto Excerpt everywhere plugin <= 1.5 versions.
CVE-2023-46775 1 Zixn 1 Original Texts Yandex Webmaster 2024-11-21 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Djo Original texts Yandex WebMaster plugin <= 1.18 versions.
CVE-2023-46699 1 Weseek 1 Growi 2024-11-21 N/A 4.3 MEDIUM
Cross-site request forgery (CSRF) vulnerability exists in the User settings (/me) page of GROWI versions prior to v6.0.0. If a user views a malicious page while logging in, settings may be changed without the user's intention.
CVE-2023-46638 1 Webcodin 1 Wcp Openweather 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Webcodin WCP OpenWeather plugin <= 2.5.0 versions.
CVE-2023-46636 1 Blackbam 1 Custom Header Images 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in David Stöckl Custom Header Images plugin <= 1.2.1 versions.
CVE-2023-46634 1 Phoeniixx 1 Custom My Account For Woocommerce 2024-11-21 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in phoeniixx Custom My Account for Woocommerce allows Cross-Site Scripting (XSS).This issue affects Custom My Account for Woocommerce: from n/a through 2.1.
CVE-2023-46629 1 Themelocation 1 Remove Add To Cart Woocommerce 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in themelocation Remove Add to Cart WooCommerce plugin <= 1.4.4.
CVE-2023-46625 1 Daext 1 Autolinks Manager 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in DAEXT Autolinks Manager plugin <= 1.10.04 versions.
CVE-2023-46620 1 Fluenx 1 Deepl Api Translation 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Fluenx DeepL API translation plugin <= 2.3.9.1 versions.
CVE-2023-46619 1 Web-dorado 1 Wdsocialwidgets 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in WebDorado WDSocialWidgets plugin <= 1.0.15 versions.
CVE-2023-46618 1 Bala-krishna 1 Category Seo Meta Tags 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Bala Krishna, Sergey Yakovlev Category SEO Meta Tags plugin <= 2.5 versions.
CVE-2023-46617 1 Wpfoxly 1 Adfoxly 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in AdFoxly AdFoxly – Ad Manager, AdSense Ads & Ads.Txt.This issue affects AdFoxly – Ad Manager, AdSense Ads & Ads.Txt: from n/a through 1.8.5.
CVE-2023-46614 1 Matbao 1 Wp Helper Premium 2024-11-21 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Mat Bao Corp WP Helper Premium plugin <= 4.5.1 versions.
CVE-2023-46375 1 Zentao 1 Biz 2024-11-21 N/A 8.8 HIGH
ZenTao Biz version 4.1.3 and before is vulnerable to Cross Site Request Forgery (CSRF).
CVE-2023-46242 1 Xwiki 1 Xwiki 2024-11-21 N/A 9.6 CRITICAL
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible to execute a content with the right of any user via a crafted URL. A user must have `programming` privileges in order to exploit this vulnerability. This issue has been patched in XWiki 14.10.7 and 15.2RC1. Users are advised to upgrade. There are no known workarounds for for this vulnerability.
CVE-2023-46212 1 Wpvnteam 1 Wp Extra 2024-11-21 N/A 6.3 MEDIUM
Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in TienCOP WP EXtra allows Accessing Functionality Not Properly Constrained by ACLs, Cross Site Request Forgery.This issue affects WP EXtra: from n/a through 6.2.
CVE-2023-46204 1 Mullerdigital 1 Duplicate Theme 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Muller Digital Inc. Duplicate Theme plugin <= 0.1.6 versions.
CVE-2023-46202 1 Auto Login New User After Registration Project 1 Auto Login New User After Registration 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk Auto Login New User After Registration plugin <= 1.9.6 versions.
CVE-2023-46201 1 Auto Login New User After Registration Project 1 Auto Login New User After Registration 2024-11-21 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk Auto Login New User After Registration allows Stored XSS.This issue affects Auto Login New User After Registration: from n/a through 1.9.6.
CVE-2023-46198 1 Apointzilla 1 Appointment Calendar 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Scientech It Solution Appointment Calendar plugin <= 2.9.6 versions.
CVE-2023-46193 1 Internetmarketingninjas 1 Internal Link Building 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Internet Marketing Ninjas Internal Link Building plugin <= 1.2.3 versions.
CVE-2023-46191 1 Underdock 1 Open Graph Metabox 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Niels van Renselaar Open Graph Metabox plugin <= 1.4.4 versions.
CVE-2023-46190 1 Novo-media 1 Novo-map\ 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Novo-media Novo-Map : your WP posts on custom google maps plugin <= 1.1.2 versions.
CVE-2023-46189 1 Xtendify 1 Simple Calendar 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Simple Calendar – Google Calendar Plugin <= 3.2.5 versions.
CVE-2023-46152 1 Pluginus 1 Wolf - Wordpress Posts Bulk Editor And Products Manager Professional 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.7.1 versions.
CVE-2023-46151 1 Awesometogi 1 Product Category Tree 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in AWESOME TOGI Product Category Tree plugin <= 2.5 versions.
CVE-2023-46150 1 Wpmilitary 1 Wp Radio 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in WP Military WP Radio plugin <= 3.1.9 versions.
CVE-2023-46095 1 Chetangole 1 Smooth Scroll Links 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole Smooth Scroll Links [SSL] plugin <= 1.1.0 versions.
CVE-2023-46092 1 Lionscripts 1 Webmaster Tools 2024-11-21 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in LionScripts.Com Webmaster Tools allows Stored XSS.This issue affects Webmaster Tools: from n/a through 2.0.
CVE-2023-46089 1 Userback 1 Userback 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Lee Le @ Userback Userback plugin <= 1.0.13 versions.
CVE-2023-46087 1 Mahlamusa 1 Who Hit The Page Hit Counter 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Mahlamusa Who Hit The Page – Hit Counter plugin <= 1.4.14.3 versions.
CVE-2023-46085 1 Wpmet 1 Wp Ultimate Review 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Wpmet Wp Ultimate Review plugin <= 2.2.4 versions.
CVE-2023-46078 1 Pluginever 1 Wc Serial Numbers 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in PluginEver WC Serial Numbers plugin <= 1.6.3 versions.
CVE-2023-46067 1 Qwerty23 1 Rocket Font 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Qwerty23 Rocket Font plugin <= 1.2.3 versions.