Search Results (366574 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-41635 1 Zorem 1 Advanced Shipment Tracking For Woocommerce 2025-01-08 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Zorem Advanced Shipment Tracking for WooCommerce plugin <= 3.5.2 versions.
CVE-2022-47161 1 Wordpress 1 Health Check \& Troubleshooting 2025-01-08 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in The WordPress.Org community Health Check & Troubleshooting plugin <= 1.5.1 versions.
CVE-2023-30484 1 Upress 1 Enable Accessibility 2025-01-08 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in uPress Enable Accessibility plugin <= 1.4 versions.
CVE-2022-45367 1 Tychesoftwares 1 Custom Order Numbers For Woocommerce 2025-01-08 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Tyche Softwares Custom Order Numbers for WooCommerce plugin <= 1.4.0 versions.
CVE-2022-41987 1 Badgeos 1 Badgeos 2025-01-08 6.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in LearningTimes BadgeOS plugin <= 3.7.1.6 versions.
CVE-2022-43490 1 Xwp 1 Stream 2025-01-08 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in XWP Stream plugin <= 3.9.2 versions.
CVE-2022-38356 1 Stylemixthemes 1 Pearl Header Builder 2025-01-08 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes WordPress Header Builder Plugin – Pearl plugin <= 1.3.4 versions.
CVE-2022-38716 1 Stylemixthemes 1 Motors - Car Dealer\, Classifieds \& Listing 2025-01-08 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing plugin <= 1.4.4 versions.
CVE-2022-45371 1 Wpmet 1 Shopengine 2025-01-08 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Wpmet ShopEngine plugin <= 4.1.1 versions.
CVE-2022-45815 1 Stylemixthemes 1 Gdpr Compliance \& Cookie Consent 2025-01-08 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes GDPR Compliance & Cookie Consent plugin <= 1.2 versions.
CVE-2022-46820 1 Wpjoli 1 Joli Table Of Contents 2025-01-08 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WPJoli Joli Table Of Contents plugin <= 1.3.9 versions.
CVE-2022-46814 1 Pierros 1 Kodex Posts Likes 2025-01-08 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Pierre Lebedel Kodex Posts likes plugin <= 2.4.3 versions.
CVE-2022-46856 1 Orion 1 Woocommerce Products Designer 2025-01-08 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in ORION Woocommerce Products Designer plugin <= 4.3.3 versions.
CVE-2022-47144 1 Frenify 1 Mediamatic 2025-01-08 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Plugincraft Mediamatic – Media Library Folders plugin <= 2.8.1 versions.
CVE-2022-47136 1 Wpmanageninja 1 Ninja Tables 2025-01-08 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WPManageNinja LLC Ninja Tables – Best Data Table Plugin for WordPress plugin <= 4.3.4 versions.
CVE-2022-47178 1 Simplesharebuttons 1 Simple Share Buttons Adder 2025-01-08 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Simple Share Buttons Simple Share Buttons Adder plugin <= 8.4.7 versions.
CVE-2022-47174 1 Wordpress 1 Performance Lab 2025-01-08 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WordPress Performance Team Performance Lab plugin <= 2.2.0 versions.
CVE-2023-23714 1 Uncannyowl 1 Uncanny Toolkit For Learndash 2025-01-08 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash plugin <= 3.6.4.1 versions.
CVE-2023-25971 1 Fixbd 1 Educare 2025-01-08 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in FixBD Educare plugin <= 1.4.1 versions.
CVE-2023-32310 1 Dataease 1 Dataease 2025-01-08 8.1 High
DataEase is an open source data visualization and analysis tool. The API interface for DataEase delete dashboard and delete system messages is vulnerable to insecure direct object references (IDOR). This could result in a user deleting another user's dashboard or messages or interfering with the interface for marking messages read. The vulnerability has been fixed in v1.18.7. There are no known workarounds aside from upgrading.