Total
5731 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-31088 | 1 Floating Action Button Project | 1 Floating Action Button | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Faraz Quazi Floating Action Button plugin <= 1.2.1 versions. | |||||
| CVE-2023-31093 | 1 Chronosly-events-calendar Project | 1 Chronosly-events-calendar | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Chronosly Chronosly Events Calendar plugin <= 2.6.2 versions. | |||||
| CVE-2023-32092 | 1 Peepso | 1 Peepso | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin <= 6.0.9.0 versions. | |||||
| CVE-2023-31235 | 1 Xnau | 1 Participants Database | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Roland Barker, xnau webdesign Participants Database plugin <= 2.4.9 versions. | |||||
| CVE-2023-32093 | 1 Tpginc | 1 Tpg Redirect | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Criss Swaim TPG Redirect plugin <= 1.0.7 versions. | |||||
| CVE-2023-32125 | 1 Danielpowney | 1 Multi Rating | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Daniel Powney Multi Rating plugin <= 5.0.6 versions. | |||||
| CVE-2023-32500 | 1 Xtemos | 1 Woodmart | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in xtemos WoodMart - Multipurpose WooCommerce Theme <= 7.1.1 versions. | |||||
| CVE-2023-32501 | 1 Vikwp | 1 Vikbooking Hotel Booking Engine \& Pms | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin <= 1.6.1 versions. | |||||
| CVE-2023-32502 | 1 Cyberwire | 1 Pro Mime Types | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Sybre Waaijer Pro Mime Types – Manage file media types plugin <= 1.0.7 versions. | |||||
| CVE-2022-47181 | 1 Wpexperts | 1 Email Templates Customizer And Designer | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in wpexpertsio Email Templates Customizer and Designer for WordPress and WooCommerce email-templates allows Cross Site Request Forgery.This issue affects Email Templates Customizer and Designer for WordPress and WooCommerce: from n/a through 1.4.2. | |||||
| CVE-2023-32594 | 1 E2b | 1 Hyphenator | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Benedict B., Maciej Gryniuk Hyphenator plugin <= 5.1.5 versions. | |||||
| CVE-2023-5818 | 1 Gara | 1 Amazonify | 2023-11-15 | N/A | 4.3 MEDIUM |
| The Amazonify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.8.1. This is due to missing or incorrect nonce validation on the amazonifyOptionsPage() function. This makes it possible for unauthenticated attackers to update the plugins settings, including the Amazon Tracking ID, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | |||||
| CVE-2023-5982 | 1 Updraftplus | 1 Updraftplus | 2023-11-15 | N/A | 5.4 MEDIUM |
| The UpdraftPlus: WordPress Backup & Migration Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.23.10. This is due to a lack of nonce validation and insufficient validation of the instance_id on the 'updraftmethod-googledrive-auth' action used to update Google Drive remote storage location. This makes it possible for unauthenticated attackers to modify the Google Drive location that backups are sent to via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This can make it possible for attackers to receive backups for a site which may contain sensitive information. | |||||
| CVE-2023-25994 | 1 Publish To Schedule Project | 1 Publish To Schedule | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Alex Benfica Publish to Schedule plugin <= 4.4.2 versions. | |||||
| CVE-2023-45884 | 1 Nasa | 1 Openmct | 2023-11-15 | N/A | 6.5 MEDIUM |
| Cross Site Request Forgery (CSRF) vulnerability in NASA Open MCT (aka openmct) through 3.1.0 allows attackers to view sensitive information via the flexibleLayout plugin. | |||||
| CVE-2023-25975 | 1 Etsy Shop Project | 1 Etsy Shop | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Frédéric Sheedy Etsy Shop plugin <= 3.0.3 versions. | |||||
| CVE-2023-31087 | 1 Joomsky | 1 Js Job Manager | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions. | |||||
| CVE-2023-34002 | 1 Wpinventory | 1 Wp Inventory Manager | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in WP Inventory Manager plugin <= 2.1.0.13 versions. | |||||
| CVE-2023-34386 | 1 Wpclever | 1 Wpc Smart Wishlist For Woocommerce | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in WPClever WPC Smart Wishlist for WooCommerce plugin <= 4.7.1 versions. | |||||
| CVE-2023-46614 | 1 Matbao | 1 Wp Helper Premium | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Mat Bao Corp WP Helper Premium plugin <= 4.5.1 versions. | |||||