Total
8760 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-25450 | 1 Givewp | 1 Givewp | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in GiveWP GiveWP – Donation Plugin and Fundraising Platform plugin <= 2.25.1 versions.
|
|||||
| CVE-2023-25449 | 1 Cformsii Project | 1 Cformsii | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Oliver Seidel, Bastian Germann cformsII plugin <= 15.0.4 versions.
|
|||||
| CVE-2023-25448 | 1 Archivist Project | 1 Archivist | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Eric Teubert Archivist – Custom Archive Templates plugin <= 1.7.4 versions.
|
|||||
| CVE-2023-25447 | 1 Inkthemes | 1 Colorway | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Inkthemescom ColorWay theme <= 4.2.3 versions.
|
|||||
| CVE-2023-25443 | 1 Wow-company | 1 Button Generator | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button Generator – easily Button Builder plugin <= 2.3.5 versions.
|
|||||
| CVE-2023-25201 | 1 Multitech | 4 Conduit Ap Mtcap2-l4e1, Conduit Ap Mtcap2-l4e1-868-042a, Conduit Ap Mtcap2-l4e1-868-042a Firmware and 1 more | 2024-11-21 | N/A | 8.8 HIGH |
|
Cross Site Request Forgery (CSRF) vulnerability in MultiTech Conduit AP MTCAP2-L4E1 MTCAP2-L4E1-868-042A v.6.0.0 allows a remote attacker to execute arbitrary code via a crafted script upload.
|
|||||
| CVE-2023-25170 | 1 Prestashop | 1 Prestashop | 2024-11-21 | N/A | 5.0 MEDIUM |
|
PrestaShop is an open source e-commerce web application that, prior to version 8.0.1, is vulnerable to cross-site request forgery (CSRF). When authenticating users, PrestaShop preserves session attributes. Because this does not clear CSRF tokens upon login, this might enable same-site attackers to bypass the CSRF protection mechanism by performing an attack similar to a session-fixation. The problem is fixed in version 8.0.1.
|
|||||
| CVE-2023-25066 | 1 Foliovision | 1 Fv Flowplayer Video Player | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in FolioVision FV Flowplayer Video Player plugin <= 7.5.30.7212 versions.
|
|||||
| CVE-2023-25065 | 1 Shapedplugin | 1 Wp Tabs | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in ShapedPlugin WP Tabs – Responsive Tabs Plugin for WordPress plugin <= 2.1.14 versions.
|
|||||
| CVE-2023-25056 | 1 Slickremix | 1 Feed Them Social | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in SlickRemix Feed Them Social plugin <= 3.0.2 versions.
|
|||||
| CVE-2023-25055 | 1 Digitalinspiration | 1 Google Xml Sitemap For Videos | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google XML Sitemap for Videos plugin <= 2.6.1 versions.
|
|||||
| CVE-2023-25051 | 1 Comment Reply Notification Project | 1 Comment Reply Notification | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Denishua Comment Reply Notification plugin <= 1.4 versions.
|
|||||
| CVE-2023-25038 | 1 984.ru | 1 For The Visually Impaired | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in 984.Ru For the visually impaired plugin <= 0.58 versions.
|
|||||
| CVE-2023-25036 | 1 Social Media Icons Widget Project | 1 Social Media Icons Widget | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in akhlesh-nagar, a.Ankit Social Media Icons Widget plugin <= 1.6 versions.
|
|||||
| CVE-2023-25034 | 1 Wp Clean Up Project | 1 Wp Clean Up | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in BoLiQuan WP Clean Up plugin <= 1.2.3 versions.
|
|||||
| CVE-2023-25033 | 1 Sumo | 1 Social Share Boost | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Sumo Social Share Boost plugin <= 4.5 versions.
|
|||||
| CVE-2023-25029 | 1 Wp Social Bookmarking Light Project | 1 Wp Social Bookmarking Light | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in utahta WP Social Bookmarking Light plugin <= 2.0.7 versions.
|
|||||
| CVE-2023-25025 | 1 Chetangole | 1 Wp-copyprotect \[protect Your Blog Posts\] | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog posts] plugin <= 3.1.0 versions.
|
|||||
| CVE-2023-24920 | 1 Microsoft | 1 Dynamics 365 | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
|
|||||
| CVE-2023-24518 | 1 Pandorafms | 1 Pandora Fms | 2024-11-21 | N/A | 6.7 MEDIUM |
|
A Cross-site Request Forgery (CSRF) vulnerability in Pandora FMS allows an attacker to force authenticated users to send a request to a web application they are currently authenticated against. This issue affects Pandora FMS version 767 and earlier versions on all platforms.
|
|||||
| CVE-2023-24421 | 1 Wpengine | 1 Php Compatibility Checker | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in WP Engine PHP Compatibility Checker plugin <= 1.5.2 versions.
|
|||||
| CVE-2023-24419 | 1 Strategy11 | 1 Formidable Form Builder | 2024-11-21 | N/A | 7.1 HIGH |
|
Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Form Builder Team Formidable Forms plugin <= 5.5.6 versions.
|
|||||
| CVE-2023-24417 | 1 Tiggerswelt | 1 Worthy | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in tiggersWelt.Net Worthy plugin <= 1.6.5-6497609 versions.
|
|||||
| CVE-2023-24415 | 1 Quantumcloud | 1 Chatbot | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud AI ChatBot plugin <= 4.2.8 versions.
|
|||||
| CVE-2023-24414 | 1 Robosoft | 1 Robogallery | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.11 versions.
|
|||||
| CVE-2023-24405 | 1 Wpplugin | 1 Paypal \& Stripe Add-on | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Contact Form 7 – PayPal & Stripe Add-on plugin <= 1.9.3 versions.
|
|||||
| CVE-2023-24395 | 1 Wpplugin | 1 Contact Form 7 Redirect \& Thank You Page | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Contact Form 7 Redirect & Thank You Page plugin <= 1.0.3 versions.
|
|||||
| CVE-2023-24388 | 1 Wpdevart | 1 Booking Calendar | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions affects plugin forms actions (create, duplicate, edit, delete).
|
|||||
| CVE-2023-24384 | 1 Wpdevart | 1 Organization Chart | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Organization chart <= 1.4.4 versions.
|
|||||
| CVE-2023-24382 | 1 Material Design Icons For Page Builders Project | 1 Material Design Icons For Page Builders | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Photon WP Material Design Icons for Page Builders plugin <= 1.4.2 versions.
|
|||||
| CVE-2023-24380 | 1 Webbjocke | 1 Simple Wp Sitemap | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Webbjocke Simple Wp Sitemap.This issue affects Simple Wp Sitemap: from n/a through 1.2.1.
|
|||||
| CVE-2023-24377 | 1 Lightspeedhq | 1 Ecwid Ecommerce Shopping Cart | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart plugin <= 6.11.3 versions.
|
|||||
| CVE-2023-24048 | 1 Connectize | 2 Ac21000 G6, Ac21000 G6 Firmware | 2024-11-21 | N/A | 8.8 HIGH |
|
Cross Site Request Forgery (CSRF) vulnerability in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain control of the device via crafted GET request to /man_password.htm.
|
|||||
| CVE-2023-24008 | 1 Wpmaspik | 1 Maspik | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in yonifre Maspik – Spam Blacklist plugin <= 0.7.8 versions.
|
|||||
| CVE-2023-24007 | 1 Admin Block Country Project | 1 Admin Block Country | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in TheOnlineHero - Tom Skroza Admin Block Country plugin <= 7.1.4 versions.
|
|||||
| CVE-2023-23997 | 1 Database Collation Fix Project | 1 Database Collation Fix | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Dave Jesch Database Collation Fix plugin <= 1.2.7 versions.
|
|||||
| CVE-2023-23993 | 1 Lionscripts | 1 Ip Blocker Lite | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in LionScripts.Com LionScripts: IP Blocker Lite plugin <= 11.1.1 versions.
|
|||||
| CVE-2023-23992 | 1 Automatorwp | 1 Automatorwp | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in AutomatorWP plugin <= 2.5.0 leads to object delete.
|
|||||
| CVE-2023-23984 | 1 Wow-company | 1 Bubble Menu | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Bubble Menu – circle floating menu plugin <= 3.0.1 leading to form deletion.
|
|||||
| CVE-2023-23983 | 1 Wpdevart | 1 Responsive Vertical Icon Menu | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Responsive Vertical Icon Menu plugin <= 1.5.8 can lead to theme deletion.
|
|||||