Total
6248 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-24458 | 1 Jenkins | 1 Bearychat | 2024-08-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins BearyChat Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified URL. | ||||
| CVE-2023-24457 | 1 Jenkins | 1 Keycloak Authentication | 2024-08-02 | 6.5 Medium |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account. | ||||
| CVE-2023-24432 | 1 Jenkins | 1 Orka By Macstadium | 2024-08-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||
| CVE-2023-24428 | 1 Jenkins | 1 Bitbucket Oauth | 2024-08-02 | 5.7 Medium |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth Plugin 0.12 and earlier allows attackers to trick users into logging in to the attacker's account. | ||||
| CVE-2023-24415 | 1 Quantumcloud | 1 Chatbot | 2024-08-02 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud AI ChatBot plugin <= 4.2.8 versions. | ||||
| CVE-2023-24437 | 1 Jenkins | 1 Jira Pipeline Steps | 2024-08-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||
| CVE-2023-24452 | 1 Jenkins | 1 Testquality Updater | 2024-08-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password. | ||||
| CVE-2023-24423 | 1 Jenkins | 1 Gerrit Trigger | 2024-08-02 | 6.5 Medium |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit. | ||||
| CVE-2023-24414 | 1 Robosoft | 1 Robogallery | 2024-08-02 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.11 versions. | ||||
| CVE-2023-24382 | 1 Material Design Icons For Page Builders Project | 1 Material Design Icons For Page Builders | 2024-08-02 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Photon WP Material Design Icons for Page Builders plugin <= 1.4.2 versions. | ||||
| CVE-2023-24384 | 1 Wpdevart | 1 Organization Chart | 2024-08-02 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Organization chart <= 1.4.4 versions. | ||||
| CVE-2023-24380 | 1 Webbjocke | 1 Simple Wp Sitemap | 2024-08-02 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Webbjocke Simple Wp Sitemap.This issue affects Simple Wp Sitemap: from n/a through 1.2.1. | ||||
| CVE-2023-24377 | 1 Lightspeedhq | 1 Ecwid Ecommerce Shopping Cart | 2024-08-02 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart plugin <= 6.11.3 versions. | ||||
| CVE-2023-23974 | 1 Fullworksplugins | 1 Quick Event Manager | 2024-08-02 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 affecting all registration actions (delete, delete all, edit, update). | ||||
| CVE-2023-23984 | 1 Wow-company | 1 Bubble Menu | 2024-08-02 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Bubble Menu – circle floating menu plugin <= 3.0.1 leading to form deletion. | ||||
| CVE-2023-23973 | 1 A3rev | 1 Contact Us Page - Contact People | 2024-08-02 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in a3rev Software Contact Us Page – Contact People plugin <= 3.7.0. | ||||
| CVE-2023-24048 | 1 Connectize | 2 Ac21000 G6, Ac21000 G6 Firmware | 2024-08-02 | 8.8 High |
| Cross Site Request Forgery (CSRF) vulnerability in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain control of the device via crafted GET request to /man_password.htm. | ||||
| CVE-2023-23992 | 1 Automatorwp | 1 Automatorwp | 2024-08-02 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in AutomatorWP plugin <= 2.5.0 leads to object delete. | ||||
| CVE-2023-23983 | 1 Wpdevart | 1 Responsive Vertical Icon Menu | 2024-08-02 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Responsive Vertical Icon Menu plugin <= 1.5.8 can lead to theme deletion. | ||||
| CVE-2023-23847 | 1 Jenkins | 1 Synopsys Coverity | 2024-08-02 | 3.5 Low |
| A cross-site request forgery (CSRF) vulnerability in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||