Total
6248 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-41864 | 2024-08-02 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Pepro Dev. Group PeproDev CF7 Database.This issue affects PeproDev CF7 Database: from n/a through 1.8.0. | ||||
| CVE-2023-41792 | 1 Artica | 1 Pandora Fms | 2024-08-02 | 5.9 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allowed Javascript code to be executed in the SNMP Trap Editor. This issue affects Pandora FMS: from 700 through 773. | ||||
| CVE-2023-41694 | 1 Realbig | 1 Realbig | 2024-08-02 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Realbig Team Realbig For WordPress plugin <= 1.0.3 versions. | ||||
| CVE-2023-41129 | 1 Patreon | 1 Patreon Wordpress | 2024-08-02 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Patreon Patreon WordPress.This issue affects Patreon WordPress: from n/a through 1.8.6. | ||||
| CVE-2023-41131 | 1 Followingmedarling | 1 Spotify Play Button | 2024-08-02 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Jonk @ Follow me Darling Sp*tify Play Button for WordPress plugin <= 2.10 versions. | ||||
| CVE-2023-41086 | 1 Furunosystems | 24 Acera 1010, Acera 1010 Firmware, Acera 1020 and 21 more | 2024-08-02 | 8.8 High |
| Cross-site request forgery (CSRF) vulnerability exists in FURUNO SYSTEMS wireless LAN access point devices. If a user views a malicious page while logged in, unintended operations may be performed. Affected products and versions are as follows: ACERA 1210 firmware ver.02.36 and earlier, ACERA 1150i firmware ver.01.35 and earlier, ACERA 1150w firmware ver.01.35 and earlier, ACERA 1110 firmware ver.01.76 and earlier, ACERA 1020 firmware ver.01.86 and earlier, ACERA 1010 firmware ver.01.86 and earlier, ACERA 950 firmware ver.01.60 and earlier, ACERA 850F firmware ver.01.60 and earlier, ACERA 900 firmware ver.02.54 and earlier, ACERA 850M firmware ver.02.06 and earlier, ACERA 810 firmware ver.03.74 and earlier, and ACERA 800ST firmware ver.07.35 and earlier. They are affected when running in ST(Standalone) mode. | ||||
| CVE-2023-39166 | 1 Tagdiv | 1 Tagdiv Composer | 2024-08-02 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in tagDiv tagDiv Composer allows Cross-Site Scripting (XSS).This issue affects tagDiv Composer: from n/a before 4.4. | ||||
| CVE-2023-38268 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2024-08-02 | 4.3 Medium |
| IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 260585. | ||||
| CVE-2024-38776 | 2024-08-02 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Martin Gibson WP GoToWebinar allows Cross-Site Scripting (XSS).This issue affects WP GoToWebinar: from n/a through 15.7. | ||||
| CVE-2023-38130 | 1 Cubecart | 1 Cubecart | 2024-08-02 | 8.1 High |
| Cross-site request forgery (CSRF) vulnerability in CubeCart prior to 6.5.3 allows a remote unauthenticated attacker to delete data in the system. | ||||
| CVE-2023-37992 | 1 Presspage | 1 Smarty For Wordpress | 2024-08-02 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin <= 3.1.35 versions. | ||||
| CVE-2023-37968 | 1 Faboba | 1 Falang | 2024-08-02 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Faboba Falang multilanguage for WordPress plugin <= 1.3.39 versions. | ||||
| CVE-2023-37996 | 1 Gtmetrix | 1 Gtmetrix | 2024-08-02 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in GTmetrix GTmetrix for WordPress plugin <= 0.4.7 versions. | ||||
| CVE-2023-37998 | 1 Saas | 1 Disabler | 2024-08-02 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Saas Disabler allows Cross Site Request Forgery.This issue affects Disabler: from n/a through 3.0.3. | ||||
| CVE-2023-37391 | 1 Wpmobilepack | 1 Wordpress Mobile Pack | 2024-08-02 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WPMobilePack.Com WordPress Mobile Pack – Mobile Plugin for Progressive Web Apps & Hybrid Mobile Apps plugin <= 3.4.1 versions. | ||||
| CVE-2023-37131 | 1 Yzncms | 1 Yzncms | 2024-08-02 | 6.5 Medium |
| A Cross-Site Request Forgery (CSRF) in the component /public/admin/profile/update.html of YznCMS v1.1.0 allows attackers to arbitrarily change the Administrator password via a crafted POST request. | ||||
| CVE-2023-36685 | 1 Brainstormforce | 1 Cartflows | 2024-08-02 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force US LLC CartFlows Pro allows Cross Site Request Forgery.This issue affects CartFlows Pro: from n/a through 1.11.12. | ||||
| CVE-2023-36682 | 1 Brainstormforce | 1 Schema Pro | 2024-08-02 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force US LLC Schema Pro allows Cross Site Request Forgery.This issue affects Schema Pro: from n/a through 2.7.7. | ||||
| CVE-2023-36237 | 2024-08-02 | 8.8 High | ||
| Cross Site Request Forgery vulnerability in Bagisto before v.1.5.1 allows an attacker to execute arbitrary code via a crafted HTML script. | ||||
| CVE-2023-36162 | 1 Zzcms | 1 Zzcms | 2024-08-02 | 8.8 High |
| Cross Site Request Forgery vulnerability in ZZCMS v.2023 and earlier allows a remote attacker to gain privileges via the add function in adminlist.php. | ||||