Total
5731 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-34178 | 1 Groundhogg | 1 Groundhogg | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Groundhogg Inc. Groundhogg plugin <= 2.7.11 versions. | |||||
| CVE-2023-34181 | 1 Wp-cirrus Project | 1 Wp-cirrus | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in WP-Cirrus plugin <= 0.6.11 versions. | |||||
| CVE-2023-34182 | 1 Shawfactor | 1 Lh-password-changer | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Peter Shaw LH Password Changer plugin <= 1.55 versions. | |||||
| CVE-2023-34371 | 1 Spamreferrerblock Project | 1 Spamreferrerblock | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Didier Sampaolo SpamReferrerBlock plugin <= 2.22 versions. | |||||
| CVE-2023-47237 | 1 Auto Publish For Google My Business Project | 1 Auto Publish For Google My Business | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Martin Gibson Auto Publish for Google My Business plugin <= 3.7 versions. | |||||
| CVE-2023-47238 | 1 Webberzone | 1 Top 10 | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in WebberZone Top 10 – WordPress Popular posts by WebberZone plugin <= 3.3.2 versions. | |||||
| CVE-2023-34033 | 1 Malinky | 1 Malinky-ajax-pagination | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Malinky Ajax Pagination and Infinite Scroll plugin <= 2.0.1 versions. | |||||
| CVE-2023-34171 | 1 Esiteq | 1 Wp Report Post | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Alex Raven WP Report Post plugin <= 2.1.2 versions. | |||||
| CVE-2023-34177 | 1 Kenthhagstrom | 1 Wp-cachecom | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Kenth Hagström WP-Cache.Com plugin <= 1.1.1 versions. | |||||
| CVE-2023-46242 | 1 Xwiki | 1 Xwiki | 2023-11-14 | N/A | 8.8 HIGH |
| XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible to execute a content with the right of any user via a crafted URL. A user must have `programming` privileges in order to exploit this vulnerability. This issue has been patched in XWiki 14.10.7 and 15.2RC1. Users are advised to upgrade. There are no known workarounds for for this vulnerability. | |||||
| CVE-2023-5532 | 1 Imagemapper Project | 1 Imagemapper | 2023-11-14 | N/A | 4.3 MEDIUM |
| The ImageMapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.6. This is due to missing or incorrect nonce validation on the 'imgmap_save_area_title' function. This makes it possible for unauthenticated attackers to update the post title and inject malicious JavaScript via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link. | |||||
| CVE-2023-5975 | 1 Imagemapper Project | 1 Imagemapper | 2023-11-14 | N/A | 4.3 MEDIUM |
| The ImageMapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.6. This is due to missing or incorrect nonce validation on multiple functions. This makes it possible for unauthenticated attackers to update the plugin settings via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link. | |||||
| CVE-2023-47182 | 1 Nazmulhossainnihal | 1 Login Screen Manager | 2023-11-14 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) leading to a Stored Cross-Site Scripting (XSS) vulnerability in Nazmul Hossain Nihal Login Screen Manager plugin <= 3.5.2 versions. | |||||
| CVE-2023-46775 | 1 Zixn | 1 Original Texts Yandex Webmaster | 2023-11-14 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Djo Original texts Yandex WebMaster plugin <= 1.18 versions. | |||||
| CVE-2021-43137 | 1 Phpgurukul | 1 Hostel Management System | 2023-11-14 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exits in hostel management system 2.1 via the name field in my-profile.php. Chaining to this both vulnerabilities leads to account takeover. | |||||
| CVE-2023-46776 | 1 Josie | 1 Auto Excerpt Everywhere | 2023-11-14 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Serena Villa Auto Excerpt everywhere plugin <= 1.5 versions. | |||||
| CVE-2023-46778 | 1 Thefreewindows | 1 Auto Limit Posts Reloaded | 2023-11-14 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in TheFreeWindows Auto Limit Posts Reloaded plugin <= 2.5 versions. | |||||
| CVE-2023-46779 | 1 Easyrecipe Project | 1 Easyrecipe | 2023-11-14 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in EasyRecipe plugin <= 3.5.3251 versions. | |||||
| CVE-2023-46780 | 1 Altersoftware | 1 Alter | 2023-11-14 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Alter plugin <= 1.0 versions. | |||||
| CVE-2023-46781 | 1 Rolandmurg | 1 Current Menu Item For Custom Post Types | 2023-11-14 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Roland Murg Current Menu Item for Custom Post Types plugin <= 1.5 versions. | |||||