Total
6247 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-35047 | 1 Areoi | 1 All Bootstrap Blocks | 2024-10-07 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in AREOI All Bootstrap Blocks plugin <= 1.3.6 versions. | ||||
| CVE-2023-36690 | 1 Vibethemes | 1 Wordpress Learning Management System | 2024-10-07 | 8.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in VibeThemes WPLMS theme <= 4.900 versions. | ||||
| CVE-2023-35044 | 1 Securimage-wp-fixed Project | 1 Securimage-wp-fixed | 2024-10-07 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Drew Phillips Securimage-WP plugin <= 3.6.16 versions. | ||||
| CVE-2023-25443 | 1 Wow-company | 1 Button Generator | 2024-10-07 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button Generator – easily Button Builder plugin <= 2.3.5 versions. | ||||
| CVE-2023-36522 | 1 Wepupil | 1 Quiz Expert - Easy Quiz Maker\, Exam And Test Manager | 2024-10-07 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WePupil Quiz Expert plugin <= 1.5.0 versions. | ||||
| CVE-2023-24417 | 1 Tiggerswelt | 1 Worthy | 2024-10-07 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in tiggersWelt.Net Worthy plugin <= 1.6.5-6497609 versions. | ||||
| CVE-2023-35773 | 1 Template Debugger Project | 1 Template Debugger | 2024-10-07 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Danny Hearnah - ChubbyNinjaa Template Debugger plugin <= 3.1.2 versions. | ||||
| CVE-2024-7892 | 2 Vladyslav Bondarenko, Vladyslavbondarenko | 2 Adstxt, Adstxt | 2024-10-07 | 4.3 Medium |
| The adstxt Plugin WordPress plugin through 1.0.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | ||||
| CVE-2024-7690 | 1 Digireturn | 2 Dn-popup, Dn Popup | 2024-10-07 | 5.4 Medium |
| The DN Popup WordPress plugin through 1.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | ||||
| CVE-2023-35089 | 1 Really-simple-plugins | 1 Recipe Maker For Your Food Blog From Zip Recipes | 2024-10-07 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.0.7 versions. | ||||
| CVE-2023-35038 | 1 Wpexperts | 1 Wp Pdf Generator | 2024-10-07 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in wpexperts.Io WP PDF Generator plugin <= 1.2.2 versions. | ||||
| CVE-2023-27424 | 1 Inactive User Deleter Project | 1 Inactive User Deleter | 2024-10-07 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Korol Yuriy aka Shra Inactive User Deleter plugin <= 1.59 versions. | ||||
| CVE-2023-23646 | 1 Awplife | 1 Album Gallery | 2024-10-07 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Album Gallery – WordPress Gallery plugin <= 1.4.9 versions. | ||||
| CVE-2023-22672 | 1 Vibethemes | 1 Vslider | 2024-10-07 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Mr.Vibe vSlider Multi Image Slider for WordPress plugin <= 4.1.2 versions. | ||||
| CVE-2023-27606 | 1 Wp Reroute Email Project | 1 Wp Reroute Email | 2024-10-07 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Sajjad Hossain WP Reroute Email plugin <= 1.4.6 versions. | ||||
| CVE-2023-32104 | 1 Mycurator Content Curation Project | 1 Mycurator Content Curation | 2024-10-07 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Mark Tilly MyCurator Content Curation plugin <= 3.74 versions. | ||||
| CVE-2023-35091 | 1 Storeapps | 1 Stock Manager For Woocommerce | 2024-10-07 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in StoreApps Stock Manager for WooCommerce plugin <= 2.10.0 versions. | ||||
| CVE-2024-45987 | 1 Online Voting System Project | 1 Online Voting System | 2024-10-05 | 6.5 Medium |
| Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery (CSRF) via voter.php. This vulnerability allows an attacker to craft a malicious link that, when clicked by an authenticated user, automatically submits a vote for a specified party without the user's consent or knowledge. The attack leverages the user's active session to perform the unauthorized action, compromising the integrity of the voting process. | ||||
| CVE-2024-28948 | 1 Advantech | 2 Adam-5630, Adam-5630 Firmware | 2024-10-04 | 8 High |
| Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites from interfering with each other. | ||||
| CVE-2024-9282 | 1 Bg5sbk | 1 Minicms | 2024-10-04 | 4.3 Medium |
| A vulnerability was found in bg5sbk MiniCMS 1.11. It has been classified as problematic. Affected is an unknown function of the file page-edit.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions confusing version and file name information. The vendor was contacted early about this disclosure but did not respond in any way. | ||||