Total
8760 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-34024 | 1 Guillemantdavid | 1 Full Auto Tags Manager | 2024-11-21 | N/A | 8.8 HIGH |
|
Cross-Site Request Forgery (CSRF) vulnerability in Guillemant David WP Full Auto Tags Manager plugin <= 2.2 versions.
|
|||||
| CVE-2023-34015 | 1 Piwebsolution | 1 Advanced-free-flat-shipping-woocommerce | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in PI Websolution Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping plugin <= 1.6.4.4 versions.
|
|||||
| CVE-2023-34005 | 1 Etoilewebdesign | 1 Front End Users | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Etoile Web Design Front End Users plugin <= 3.2.24 versions.
|
|||||
| CVE-2023-34002 | 1 Wpinventory | 1 Wp Inventory Manager | 2024-11-21 | N/A | 8.8 HIGH |
|
Cross-Site Request Forgery (CSRF) vulnerability in WP Inventory Manager plugin <= 2.1.0.13 versions.
|
|||||
| CVE-2023-33931 | 1 Getbutterfly | 1 Youtube Playlist Player | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Popescu YouTube Playlist Player plugin <= 4.6.4 versions.
|
|||||
| CVE-2023-33926 | 1 Supsystic | 1 Easy Google Maps | 2024-11-21 | N/A | 7.1 HIGH |
|
Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Google Maps plugin <= 1.11.7 versions.
|
|||||
| CVE-2023-33534 | 1 Sztozed | 2 Zlt S10g, Zlt S10g Firmware | 2024-11-21 | N/A | 8.8 HIGH |
|
A Cross-Site Request Forgery (CSRF) in Guanzhou Tozed Kangwei Intelligent Technology ZLTS10G software version S10G_3.11.6 allows attackers to takeover user accounts via sending a crafted POST request to /goform/goform_set_cmd_process.
|
|||||
| CVE-2023-33333 | 1 Really-simple-plugins | 1 Complianz | 2024-11-21 | N/A | 7.1 HIGH |
|
Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Complianz, Really Simple Plugins Complianz Premium allows Cross-Site Scripting (XSS).This issue affects Complianz: from n/a through 6.4.4; Complianz Premium: from n/a through 6.4.6.1.
|
|||||
| CVE-2023-33316 | 1 Woocommerce | 1 Automatewoo | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Follow-Up Emails (AutomateWoo) plugin <= 4.9.40 versions.
|
|||||
| CVE-2023-33315 | 1 Wandlesoftware | 1 Smart App Banner | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Stephen Darlington, Wandle Software Limited Smart App Banner plugin <= 1.1.2 versions.
|
|||||
| CVE-2023-33314 | 1 Pluginus | 1 Bear - Woocommerce Bulk Editor And Products Manager Professional | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 BEAR plugin <= 1.1.3.1 versions.
|
|||||
| CVE-2023-33313 | 1 Themeinprogress | 1 Wip Custom Login | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in ThemeinProgress WIP Custom Login plugin <= 1.2.9 versions.
|
|||||
| CVE-2023-33214 | 1 Taggbox | 1 Taggbox | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1.
|
|||||
| CVE-2023-33212 | 1 Crocoblock | 1 Jetformbuilder | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin <= 3.0.6 versions.
|
|||||
| CVE-2023-33207 | 1 Wielogorski | 1 Stop Referrer Spam | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Krzysztof Wielogórski Stop Referrer Spam plugin <= 1.3.0 versions.
|
|||||
| CVE-2023-32966 | 1 Crudlab | 1 Jazz Popups | 2024-11-21 | N/A | 6.1 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in CRUDLab Jazz Popups leads to Stored XSS.This issue affects Jazz Popups: from n/a through 1.8.7.
|
|||||
| CVE-2023-32964 | 1 Madewithfuel | 1 Better Notifications For Wp | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Made with Fuel Better Notifications for WP plugin <= 1.9.2 versions.
|
|||||
| CVE-2023-32960 | 1 Updraftplus | 1 Updraftplus | 2024-11-21 | N/A | 7.1 HIGH |
|
Cross-Site Request Forgery (CSRF) vulnerability in UpdraftPlus.Com, DavidAnderson UpdraftPlus WordPress Backup Plugin <= 1.23.3 versions leads to sitewide Cross-Site Scripting (XSS).
|
|||||
| CVE-2023-32794 | 1 Woocommerce | 1 Product Addons | 2024-11-21 | N/A | 8.8 HIGH |
|
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Add-Ons plugin <= 6.1.3 versions.
|
|||||
| CVE-2023-32792 | 1 Nxlog | 1 Nxlog Manager | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to eliminate roles within the platform by sending a specifically crafted query to the server. The vulnerability is based on the absence of proper validation of the origin of incoming requests.
|
|||||
| CVE-2023-32791 | 1 Nxlog | 1 Nxlog Manager | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to manipulate and delete user accounts within the platform by sending a specifically crafted query to the server. The vulnerability is based on the lack of proper validation of the origin of incoming requests.
|
|||||
| CVE-2023-32761 | 1 Archerirm | 1 Archer | 2024-11-21 | N/A | 8.1 HIGH |
|
Cross Site Request Forgery (CSRF) vulnerability in Archer Platform before v.6.13 and fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to execute arbitrary code via a crafted request.
|
|||||
| CVE-2023-32745 | 1 Woocommerce | 1 Automatewoo | 2024-11-21 | N/A | 8.8 HIGH |
|
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce AutomateWoo plugin <= 5.7.1 versions.
|
|||||
| CVE-2023-32744 | 1 Woocommerce | 1 Product Recommendations | 2024-11-21 | N/A | 8.8 HIGH |
|
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Recommendations plugin <= 2.3.0 versions.
|
|||||
| CVE-2023-32625 | 1 Sakura | 1 Ts Webfonts | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-site request forgery (CSRF) vulnerability in TS Webfonts for SAKURA 3.1.2 and earlier allows a remote unauthenticated attacker to hijack the authentication of a user and to change settings by having a user view a malicious page.
|
|||||
| CVE-2023-32602 | 1 Lokalyze | 1 Call Me Now | 2024-11-21 | N/A | 8.8 HIGH |
|
Cross-Site Request Forgery (CSRF) vulnerability in LOKALYZE CALL ME NOW plugin <= 3.0 versions.
|
|||||
| CVE-2023-32594 | 1 E2b | 1 Hyphenator | 2024-11-21 | N/A | 8.8 HIGH |
|
Cross-Site Request Forgery (CSRF) vulnerability in Benedict B., Maciej Gryniuk Hyphenator plugin <= 5.1.5 versions.
|
|||||
| CVE-2023-32592 | 1 Fast-search-powered-by-solr Project | 1 Fast-search-powered-by-solr | 2024-11-21 | N/A | 8.8 HIGH |
|
Cross-Site Request Forgery (CSRF) vulnerability in Palasthotel by Edward Bock, Katharina Rompf Sunny Search plugin <= 1.0.2 versions.
|
|||||
| CVE-2023-32589 | 1 Pingonline | 1 Dyslexiefont Free | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in PingOnline Dyslexiefont Free plugin <= 1.0.0 versions.
|
|||||
| CVE-2023-32588 | 1 Brandbrilliance | 1 Post State Tags | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in BRANDbrilliance Post State Tags plugin <= 2.0.6 versions.
|
|||||
| CVE-2023-32587 | 1 Wpreactions | 1 Wp Reactions Lite | 2024-11-21 | N/A | 8.8 HIGH |
|
Cross-Site Request Forgery (CSRF) vulnerability in WP Reactions, LLC WP Reactions Lite plugin <= 1.3.8 versions.
|
|||||
| CVE-2023-32583 | 1 Walkeprashant | 1 Wp All Backup | 2024-11-21 | N/A | 6.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Prashant Walke WP All Backup plugin <= 2.4.3 versions.
|
|||||
| CVE-2023-32579 | 1 Designsandcode | 1 Forget About Shortcode Buttons | 2024-11-21 | N/A | 8.8 HIGH |
|
Cross-Site Request Forgery (CSRF) vulnerability in Designs & Code Forget About Shortcode Buttons plugin <= 2.1.2 versions.
|
|||||
| CVE-2023-32514 | 1 Himanshuparashar | 1 Google Site Verification Plugin Using Meta Tag | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Himanshu Parashar Google Site Verification plugin using Meta Tag.This issue affects Google Site Verification plugin using Meta Tag: from n/a through 1.2.
|
|||||
| CVE-2023-32512 | 1 Shortpixel | 1 Shortpixel Adaptive Images | 2024-11-21 | N/A | 8.8 HIGH |
|
Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin <= 3.7.1 versions.
|
|||||
| CVE-2023-32504 | 1 Kaine | 1 Wise Chat | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Kainex Wise Chat.This issue affects Wise Chat: from n/a through 3.1.3.
|
|||||
| CVE-2023-32502 | 1 Cyberwire | 1 Pro Mime Types | 2024-11-21 | N/A | 8.8 HIGH |
|
Cross-Site Request Forgery (CSRF) vulnerability in Sybre Waaijer Pro Mime Types – Manage file media types plugin <= 1.0.7 versions.
|
|||||
| CVE-2023-32501 | 1 Vikwp | 1 Vikbooking Hotel Booking Engine \& Pms | 2024-11-21 | N/A | 8.8 HIGH |
|
Cross-Site Request Forgery (CSRF) vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin <= 1.6.1 versions.
|
|||||
| CVE-2023-32500 | 1 Xtemos | 1 Woodmart | 2024-11-21 | N/A | 8.8 HIGH |
|
Cross-Site Request Forgery (CSRF) vulnerability in xtemos WoodMart - Multipurpose WooCommerce Theme <= 7.1.1 versions.
|
|||||
| CVE-2023-32245 | 1 Wpdeveloper | 1 Essential Addons For Elementor | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in WPDeveloper Essential Addons for Elementor Pro.This issue affects Essential Addons for Elementor Pro: from n/a through 5.4.8.
|
|||||