Total
8760 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-46805 | 1 Wptrio | 1 Conditional Shipping For Woocommerce | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Lauri Karisola / WP Trio Conditional Shipping for WooCommerce plugin <= 2.3.1 leading to activation/deactivation of plugin rulesets.
|
|||||
| CVE-2022-46800 | 1 Litespeedtech | 1 Litespeed Cache | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in LiteSpeed Technologies LiteSpeed Cache plugin <= 5.3 versions.
|
|||||
| CVE-2022-46798 | 1 Hasthemes | 1 Woolentor - Woocommerce Elementor Addons \+ Builder | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes ShopLentor plugin <= 2.5.1 leading to plugin settings change.
|
|||||
| CVE-2022-46794 | 1 Weightbasedshipping | 1 Woocommerce Weight Based Shipping | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in weightbasedshipping.Com WooCommerce Weight Based Shipping plugin <= 5.4.1 versions.
|
|||||
| CVE-2022-46793 | 1 Adtribes | 1 Product Feed Pro For Woocommerce | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in AdTribes.Io Product Feed PRO for WooCommerce plugin <= 12.4.4 versions.
|
|||||
| CVE-2022-46368 | 1 Maxum | 1 Rumpus | 2024-11-21 | N/A | 6.8 MEDIUM |
|
Rumpus - FTP server version 9.0.7.1 Cross-site request forgery (CSRF) – vulnerability may allow unauthorized action on behalf of authenticated users.
|
|||||
| CVE-2022-46367 | 1 Maxum | 1 Rumpus | 2024-11-21 | N/A | 6.8 MEDIUM |
|
Rumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalation vulnerability that may allow privilege escalation.
|
|||||
| CVE-2022-45850 | 2024-11-21 | N/A | 6.1 MEDIUM | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Nickys Image Map Pro allows Stored XSS.This issue affects Image Map Pro: from n/a before 5.6.9.
|
|||||
| CVE-2022-45846 | 1 Wpmart | 1 Interactive Svg Image Map Builder | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Nickys Image Map Pro for WordPress - Interactive SVG Image Map Builder plugin < 5.6.9 versions.
|
|||||
| CVE-2022-45828 | 1 Nootheme | 1 Noo Timetable | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in NooTheme Noo Timetable plugin <= 2.1.3 versions.
|
|||||
| CVE-2022-45824 | 1 Elbtide | 1 Advanced Booking Calendar | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Advanced Booking Calendar plugin <= 1.7.1 on WordPress.
|
|||||
| CVE-2022-45823 | 1 Video Contest Wordpress Project | 1 Video Contest Wordpress | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in GalleryPlugins Video Contest WordPress plugin <= 3.2 versions.
|
|||||
| CVE-2022-45815 | 1 Stylemixthemes | 1 Gdpr Compliance \& Cookie Consent | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes GDPR Compliance & Cookie Consent plugin <= 1.2 versions.
|
|||||
| CVE-2022-45807 | 1 Wpvibes | 1 Wp Mail Log | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) in WPVibes WP Mail Log plugin <= 1.0.1 versions.
|
|||||
| CVE-2022-45804 | 1 Robogallery | 1 Robo Gallery | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.9 leading to galleries hierarchy change, included plugin deactivate & activate.
|
|||||
| CVE-2022-45376 | 1 Xootix | 1 Side Cart Woocommerce | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in XootiX Side Cart Woocommerce (Ajax) < 2.1 versions.
|
|||||
| CVE-2022-45372 | 1 Codeixer | 1 Product Gallery Slider For Woocommerce | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Codeixer Product Gallery Slider for WooCommerce plugin <= 2.2.8 versions.
|
|||||
| CVE-2022-45371 | 1 Wpmet | 1 Shopengine | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Wpmet ShopEngine plugin <= 4.1.1 versions.
|
|||||
| CVE-2022-45367 | 1 Tychesoftwares | 1 Custom Order Numbers For Woocommerce | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Tyche Softwares Custom Order Numbers for WooCommerce plugin <= 1.4.0 versions.
|
|||||
| CVE-2022-45364 | 1 Codedropz | 1 Drag And Drop Multiple File Upload - Contact Form 7 | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload – Contact Form 7 plugin <= 1.3.6.5 versions.
|
|||||
| CVE-2022-45127 | 1 Sewio | 1 Real-time Location System Studio | 2024-11-21 | N/A | 8.1 HIGH |
|
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary backup operations and cause a denial-of-service condition.
|
|||||
| CVE-2022-45080 | 1 Krishaweb | 1 Add Multiple Marker | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in KrishaWeb Add Multiple Marker plugin <= 1.2 versions.
|
|||||
| CVE-2022-45079 | 1 Loginizer | 1 Loginizer | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions.
|
|||||
| CVE-2022-45076 | 1 Webmat | 1 Flexible Elementor Panel | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in WebMat Flexible Elementor Panel plugin <= 2.3.8 versions.
|
|||||
| CVE-2022-45074 | 1 Areteit | 1 Activity Reactions For Buddypress | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Paramveer Singh for Arete IT Private Limited Activity Reactions For Buddypress plugin <= 1.0.22 versions.
|
|||||
| CVE-2022-45073 | 1 Miniorange | 1 Wordpress Rest Api Authentication | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in REST API Authentication plugin <= 2.4.0 on WordPress.
|
|||||
| CVE-2022-45072 | 1 Wpml | 1 Wpml | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in WPML Multilingual CMS premium plugin <= 4.5.13 on WordPress.
|
|||||
| CVE-2022-45071 | 1 Wpml | 1 Wpml | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in WPML Multilingual CMS premium plugin <= 4.5.13 on WordPress.
|
|||||
| CVE-2022-45068 | 1 Mercadopago | 1 Mercado Pago Payments For Woocommerce | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Mercado Pago Mercado Pago payments for WooCommerce plugin <= 6.3.1.
|
|||||
| CVE-2022-45067 | 1 Devscred | 1 Exclusive Addons For Elementor | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in DevsCred Exclusive Addons Elementor plugin <= 2.6.1 versions.
|
|||||
| CVE-2022-44741 | 1 Slidervilla | 1 Testimonial Slider | 2024-11-21 | N/A | 6.1 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS) in David Anderson Testimonial Slider plugin <= 1.3.1 on WordPress.
|
|||||
| CVE-2022-44740 | 1 Constantcontact | 1 Creative Mail | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Creative Mail plugin <= 1.5.4 on WordPress.
|
|||||
| CVE-2022-44739 | 1 Thingsforrestaurants | 1 Quick Restaurant Reservations | 2024-11-21 | N/A | 5.3 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in ThingsForRestaurants Quick Restaurant Reservations plugin <= 1.5.4 versions.
|
|||||
| CVE-2022-44737 | 1 Tipsandtricks-hq | 1 All In One Wp Security \& Firewall | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Multiple Cross-Site Request Forgery vulnerabilities in All-In-One Security (AIOS) – Security and Firewall (WordPress plugin) <= 5.1.0 on WordPress.
|
|||||
| CVE-2022-44627 | 1 Coleds | 1 Simple Seo | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in David Cole Simple SEO plugin <= 1.8.12 on WordPress allows attackers to create or delete sitemaps.
|
|||||
| CVE-2022-44585 | 1 Magneticlab | 1 Homepage Pop-up | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Magneticlab Sàrl Homepage Pop-up plugin <= 1.2.5 versions.
|
|||||
| CVE-2022-43980 | 1 Pandorafms | 1 Pandora Fms | 2024-11-21 | N/A | 5.2 MEDIUM |
|
There is a stored cross-site scripting vulnerability in Pandora FMS v765 in the network maps editing functionality. An attacker could modify a network map, including on purpose the name of an XSS payload. Once created, if a user with admin privileges clicks on the edited network maps, the XSS payload will be executed. The exploitation of this vulnerability could allow an atacker to steal the value of the admin user´s cookie.
|
|||||
| CVE-2022-43710 | 1 Gxsoftware | 1 Xperiencentral | 2024-11-21 | N/A | 8.8 HIGH |
|
Interactive Forms (IAF) in GX Software XperienCentral versions 10.31.0 until 10.33.0 was vulnerable to cross site request forgery (CSRF) because the unique token could be deduced using the names of all input fields.
|
|||||
| CVE-2022-43491 | 1 Algolplus | 1 Advanced Dynamic Pricing For Woocommerce | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 on WordPress leading to plugin settings import.
|
|||||
| CVE-2022-43490 | 1 Xwp | 1 Stream | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in XWP Stream plugin <= 3.9.2 versions.
|
|||||