Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-352
Total 5731 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-31708 1 Eyoucms 1 Eyoucms 2023-05-27 N/A 4.3 MEDIUM
A Cross-Site Request Forgery (CSRF) in EyouCMS v1.6.2 allows attackers to execute arbitrary commands via a supplying a crafted HTML file to the Upload software format function.
CVE-2023-25448 1 Archivist Project 1 Archivist 2023-05-26 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Eric Teubert Archivist – Custom Archive Templates plugin <= 1.7.4 versions.
CVE-2023-25447 1 Inkthemes 1 Colorway 2023-05-26 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Inkthemescom ColorWay theme <= 4.2.3 versions.
CVE-2022-47167 1 Crayon Syntax Highlighter Project 1 Crayon Syntax Highlighter 2023-05-26 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Aram Kocharyan Crayon Syntax Highlighter plugin <= 2.8.4 versions.
CVE-2023-23797 1 Secondlinethemes 1 Auto Youtube Importer 2023-05-26 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in SecondLineThemes Auto YouTube Importer plugin <= 1.0.3 versions.
CVE-2022-47609 1 Nicearma 1 Dnui-delete-not-used-image 2023-05-26 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Nicearma DNUI plugin <= 2.8.1 versions.
CVE-2023-25056 1 Slickremix 1 Feed Them Social 2023-05-26 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in SlickRemix Feed Them Social plugin <= 3.0.2 versions.
CVE-2023-23713 1 Theme Tweaker Project 1 Theme Tweaker 2023-05-26 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Manoj Thulasidas Theme Tweaker plugin <= 5.20 versions.
CVE-2023-23705 1 Hmplugin 1 Wordpress Books Gallery 2023-05-26 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin WordPress Books Gallery plugin <= 4.4.8 versions.
CVE-2022-46853 1 Radiustheme 1 Post Grid 2023-05-26 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme The Post Grid plugin <= 5.0.4 versions.
CVE-2022-46851 1 Brainstormforce 1 Starter Templates 2023-05-26 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Starter Templates plugin <= 3.1.20 versions.
CVE-2023-25707 1 Vikwp 1 Vikbooking Hotel Booking Engine \& Pms 2023-05-26 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin <= 1.5.12 versions.
CVE-2023-25481 1 Podlove 1 Podlove Subscribe Button 2023-05-26 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Subscribe button plugin <= 1.3.7 versions.
CVE-2023-25472 1 Podlove 1 Podlove Podcast Publisher 2023-05-26 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Podcast Publisher plugin <= 3.8.3 versions.
CVE-2023-23724 1 Winwar 1 Wp Email Capture 2023-05-26 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Winwar Media WP Email Capture plugin <= 3.9.3 versions.
CVE-2023-23706 1 Miniorange 1 Wordpress Social Login And Register \(discord\, Google\, Twitter\, Linkedin\) 2023-05-26 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.5.14 versions.
CVE-2018-16966 1 Webdesi9 1 File Manager 2023-05-26 6.8 MEDIUM 8.8 HIGH
There is a CSRF vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wp_file_manager_root public_path parameter.
CVE-2014-9414 1 Boldgrid 1 W3 Total Cache 2023-05-26 6.8 MEDIUM N/A
The W3 Total Cache plugin before 0.9.4.1 for WordPress does not properly handle empty nonces, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and hijack the authentication of administrators for requests that change the mobile site redirect URI via the mobile_groups[*][redirect] parameter and an empty _wpnonce parameter in the w3tc_mobile page to wp-admin/admin.php.
CVE-2022-45079 1 Loginizer 1 Loginizer 2023-05-26 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions.
CVE-2022-45376 1 Xootix 1 Side Cart Woocommerce 2023-05-26 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in XootiX Side Cart Woocommerce (Ajax) < 2.1 versions.