Total
8760 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-43338 | 2024-11-19 | N/A | 4.3 MEDIUM | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Automattic, Inc. Crowdsignal Dashboard – Polls, Surveys & more allows Cross Site Request Forgery.This issue affects Crowdsignal Dashboard – Polls, Surveys & more: from n/a through 3.1.2.
|
|||||
| CVE-2024-51686 | 2024-11-19 | N/A | 4.3 MEDIUM | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Deepak Khokhar, Surender Khokhar Manage User Columns allows Cross Site Request Forgery.This issue affects Manage User Columns: from n/a through 1.0.5.
|
|||||
| CVE-2024-51644 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Sam Wilson Addressbook allows Stored XSS.This issue affects Addressbook: from n/a through 1.1.3.
|
|||||
| CVE-2024-51639 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Hints Naver Blog allows Stored XSS.This issue affects Naver Blog: from n/a through 1.0.
|
|||||
| CVE-2024-51642 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in webhostri Seo Free allows Stored XSS.This issue affects Seo Free: from n/a through 1.4.
|
|||||
| CVE-2024-51648 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Hands, Inc e-shops allows Reflected XSS.This issue affects e-shops: from n/a through 1.0.3.
|
|||||
| CVE-2024-51641 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in jcmlmorav Advanced PDF Generator allows Stored XSS.This issue affects Advanced PDF Generator: from n/a through 0.4.0.
|
|||||
| CVE-2024-51652 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Prem Nawaz Khan, Victor Tsaran, Ron Feathers, and Marc Kocher Skip To allows Stored XSS.This issue affects Skip To: from n/a through 2.0.0.
|
|||||
| CVE-2024-51656 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in litefeel Flash Show And Hide Box allows Stored XSS.This issue affects Flash Show And Hide Box: from n/a through 1.6.
|
|||||
| CVE-2024-51650 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Scott @ MyDollarPlan.com Random Featured Post allows Stored XSS.This issue affects Random Featured Post: from n/a through 1.1.3.
|
|||||
| CVE-2024-51649 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Patrick Lumumba Mobilize allows Stored XSS.This issue affects Mobilize: from n/a through 3.0.7.
|
|||||
| CVE-2024-51655 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Microkid Custom Author URL allows Stored XSS.This issue affects Custom Author URL: from n/a through 2.0.1.
|
|||||
| CVE-2024-51633 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in IvyCat Web Services Simple Page Specific Sidebars allows Stored XSS.This issue affects Simple Page Specific Sidebars: from n/a through 2.14.1.
|
|||||
| CVE-2024-51640 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Matt Rude MDR Webmaster Tools allows Stored XSS.This issue affects MDR Webmaster Tools: from n/a through 1.1.
|
|||||
| CVE-2024-51637 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Scott E. Royalty Admin SMS Alert allows Stored XSS.This issue affects Admin SMS Alert: from n/a through 1.1.0.
|
|||||
| CVE-2024-50533 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in David Garcia Domain Sharding allows Stored XSS.This issue affects Domain Sharding: from n/a through 1.2.1.
|
|||||
| CVE-2024-51635 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Garmur While Loading allows Stored XSS.This issue affects While Loading: from n/a through 3.0.
|
|||||
| CVE-2024-51645 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Themefuse ThemeFuse Maintenance Mode allows Stored XSS.This issue affects ThemeFuse Maintenance Mode: from n/a through 1.1.3.
|
|||||
| CVE-2024-51654 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in APK.Support APK Downloader allows Stored XSS.This issue affects APK Downloader: from n/a through 1.0.0.
|
|||||
| CVE-2024-51632 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Sam Hoe SH Slideshow allows Stored XSS.This issue affects SH Slideshow: from n/a through 4.3.
|
|||||
| CVE-2024-50534 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Syed Umair Hussain Shah World Prayer Time allows Stored XSS.This issue affects World Prayer Time: from n/a through 2.0.
|
|||||
| CVE-2024-51631 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Eftakhairul Islam Sticky Social Bar allows Cross Site Request Forgery.This issue affects Sticky Social Bar: from n/a through 2.0.
|
|||||
| CVE-2024-51657 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Woopy Plugins SmartLink Dynamic URLs allows Stored XSS.This issue affects SmartLink Dynamic URLs: from n/a through 1.1.0.
|
|||||
| CVE-2024-51634 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Webriti WordPress Themes & Plugins Shop Webriti Custom Login allows Reflected XSS.This issue affects Webriti Custom Login: from n/a through 0.3.
|
|||||
| CVE-2024-52402 | 2024-11-19 | N/A | 9.6 CRITICAL | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Cliconomics Exclusive Content Password Protect allows Upload a Web Shell to a Web Server.This issue affects Exclusive Content Password Protect: from n/a through 1.1.0.
|
|||||
| CVE-2024-52421 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in wp-buy WP Popup Window Maker allows Stored XSS.This issue affects WP Popup Window Maker: from n/a through 2.0.
|
|||||
| CVE-2024-52420 | 2024-11-19 | N/A | 4.3 MEDIUM | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Creative Motion Disable Admin Notices individually allows Cross Site Request Forgery.This issue affects Disable Admin Notices individually: from n/a through 1.3.5.
|
|||||
| CVE-2024-52388 | 2024-11-19 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Mike “Mikeage” Miller Hebrew Date allows Stored XSS.This issue affects Hebrew Date: from n/a through 2.1.0.
|
|||||
| CVE-2024-51679 | 1 Appointmind | 1 Appointmind | 2024-11-19 | N/A | 6.1 MEDIUM |
|
Cross-Site Request Forgery (CSRF) vulnerability in GentleSource Appointmind allows Stored XSS.This issue affects Appointmind: from n/a through 4.0.0.
|
|||||
| CVE-2023-0737 | 1 Wallabag | 1 Wallabag | 2024-11-19 | N/A | 6.5 MEDIUM |
|
wallabag version 2.5.2 contains a Cross-Site Request Forgery (CSRF) vulnerability that allows attackers to arbitrarily delete user accounts via the /account/delete endpoint. This issue is fixed in version 2.5.4.
|
|||||
| CVE-2021-27701 | 2024-11-18 | N/A | 4.7 MEDIUM | ||
|
SOCIFI Socifi Guest wifi as SAAS is affected by Cross Site Request Forgery (CSRF) via the Socifi wifi portal. The application does not contain a CSRF token and request validation. An attacker can Add/Modify any random user data by sending a crafted CSRF request.
|
|||||
| CVE-2024-52415 | 2024-11-18 | N/A | 8.8 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Skpstorm SK WP Settings Backup allows Object Injection.This issue affects SK WP Settings Backup: from n/a through 1.0.
|
|||||
| CVE-2024-11118 | 2024-11-18 | N/A | 5.3 MEDIUM | ||
|
The 404 Error Monitor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the updatePluginSettings() function. This makes it possible for unauthenticated attackers to make changes to plugin settings and clear up all the error logs via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
|
|||||
| CVE-2024-11143 | 1 Kognetiks | 1 Kognetiks Chatbot | 2024-11-18 | N/A | 4.3 MEDIUM |
|
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.8. This is due to missing or incorrect nonce validation on the update_assistant, add_new_assistant, and delete_assistant functions. This makes it possible for unauthenticated attackers to modify assistants via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
|
|||||
| CVE-2024-11125 | 1 Get-simple | 1 Getsimplecms | 2024-11-15 | 5.0 MEDIUM | 4.3 MEDIUM |
|
A vulnerability was found in GetSimpleCMS 3.3.16 and classified as problematic. This issue affects some unknown processing of the file /admin/profile.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2024-51687 | 2024-11-15 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Platform.Ly Platform.Ly Official allows Stored XSS.This issue affects Platform.Ly Official: from n/a through 1.1.3.
|
|||||
| CVE-2024-47914 | 2024-11-15 | N/A | 4.5 MEDIUM | ||
|
VaeMendis - CWE-352: Cross-Site Request Forgery (CSRF)
|
|||||
| CVE-2024-51684 | 2024-11-15 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Popescu W3P SEO allows Stored XSS.This issue affects W3P SEO: from n/a before 1.8.6.
|
|||||
| CVE-2024-51659 | 2024-11-15 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in GeekRMX Twitter @Anywhere Plus allows Stored XSS.This issue affects Twitter @Anywhere Plus: from n/a through 2.0.
|
|||||
| CVE-2024-51688 | 2024-11-15 | N/A | 7.1 HIGH | ||
|
Cross-Site Request Forgery (CSRF) vulnerability in FraudLabs Pro FraudLabs Pro SMS Verification allows Stored XSS.This issue affects FraudLabs Pro SMS Verification: from n/a through 1.10.1.
|
|||||