Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-352
Total 5731 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-40202 1 Codemiq 1 Wp Html Mail 2023-10-06 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Hannes Etzelstorfer // codemiq WP HTML Mail plugin <= 3.4.1 versions.
CVE-2023-40199 1 Crudlab 1 Wp Like Button 2023-10-06 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in CRUDLab WP Like Button plugin <= 1.7.0 versions.
CVE-2023-39158 1 Multidots 1 Banner Management For Woocommerce 2023-10-06 N/A 6.5 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Banner Management For WooCommerce plugin <= 2.4.2 versions.
CVE-2023-40212 1 Multidots 1 Product Attachment For Woocommerce 2023-10-06 N/A 6.5 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Product Attachment for WooCommerce plugin <= 2.1.8 versions.
CVE-2023-40198 1 Antsanchez 1 Easy Cookie Law 2023-10-06 N/A 6.5 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Antsanchez Easy Cookie Law plugin <= 3.1 versions.
CVE-2023-40009 1 Thimpress 1 Wp Pipes 2023-10-06 N/A 6.5 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Pipes plugin <= 1.4.0 versions.
CVE-2023-39159 1 Multidots 1 Fraud Prevention For Woocommerce 2023-10-06 N/A 6.5 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Fraud Prevention For Woocommerce plugin <= 2.1.5 versions.
CVE-2023-40559 1 Multidots 1 Dynamic Pricing And Discount Rules For Woocommerce 2023-10-05 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Dynamic Pricing and Discount Rules for WooCommerce plugin <= 2.4.0 versions.
CVE-2023-25025 1 Chetangole 1 Wp-copyprotect \[protect Your Blog Posts\] 2023-10-05 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog posts] plugin <= 3.1.0 versions.
CVE-2023-27433 1 Yasglobal 1 Make Paths Relative 2023-10-05 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in YAS Global Team Make Paths Relative plugin <= 1.3.0 versions.
CVE-2023-40561 1 Multidots 1 Enhanced Ecommerce Google Analytics For Woocommerce 2023-10-05 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Enhanced Ecommerce Google Analytics for WooCommerce plugin <= 3.7.1 versions.
CVE-2023-25788 1 Saphali 1 Woocommerce 2023-10-05 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Saphali Saphali Woocommerce Lite plugin <= 1.8.13 versions.
CVE-2023-25980 1 Cagewebdev 1 Optimize Database After Deleting Revisions 2023-10-05 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in CAGE Web Design | Rolf van Gelder Optimize Database after Deleting Revisions plugin <= 5.1 versions.
CVE-2023-37995 1 Wp-copyprotect Project 1 Wp-copyprotect 2023-10-05 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog posts] plugin <= 3.1.0 versions.
CVE-2023-39989 1 Draftpress 1 Header Footer Code Manager 2023-10-05 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in 99robots Header Footer Code Manager plugin <= 1.1.34 versions.
CVE-2023-40210 1 Sean-barton 1 Sb Child List 2023-10-05 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Sean Barton (Tortoise IT) SB Child List plugin <= 4.5 versions.
CVE-2023-39923 1 Radiustheme 1 The Post Grid 2023-10-05 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme The Post Grid plugin <= 7.2.7 versions.
CVE-2023-27435 1 Yasglobal 1 Http Auth 2023-10-05 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Sami Ahmed Siddiqui HTTP Auth plugin <= 0.3.2 versions.
CVE-2023-32792 1 Nxlog 1 Nxlog Manager 2023-10-05 N/A 6.5 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to eliminate roles within the platform by sending a specifically crafted query to the server. The vulnerability is based on the absence of proper validation of the origin of incoming requests.
CVE-2023-32791 1 Nxlog 1 Nxlog Manager 2023-10-05 N/A 6.5 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to manipulate and delete user accounts within the platform by sending a specifically crafted query to the server. The vulnerability is based on the lack of proper validation of the origin of incoming requests.