Total
6247 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-34816 | 2024-08-02 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Revmakx WPCal.Io – Easy Meeting Scheduler.This issue affects WPCal.Io – Easy Meeting Scheduler: from n/a through 0.9.5.8. | ||||
| CVE-2024-34827 | 2024-08-02 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs, Razvan Mocanu, Madalin Ungureanu, Cristophor Hurduban TranslatePress.This issue affects TranslatePress: from n/a through 2.7.5. | ||||
| CVE-2024-34823 | 2024-08-02 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter.This issue affects Arigato Autoresponder and Newsletter: from n/a through 2.7.2.3. | ||||
| CVE-2024-34755 | 2024-08-02 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Contact Form 7 and Salesforce.This issue affects Integration for Contact Form 7 and Salesforce: from n/a through 1.3.9. | ||||
| CVE-2024-34825 | 2024-08-02 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Warfare Plugins Social Warfare.This issue affects Social Warfare: from n/a through 4.4.5.1. | ||||
| CVE-2024-34814 | 2024-08-02 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeFuse Unyson.This issue affects Unyson: from n/a through 2.7.29. | ||||
| CVE-2024-34828 | 2024-08-02 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 4.1.32. | ||||
| CVE-2024-34807 | 2024-08-02 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in CodeBard Fast Custom Social Share by CodeBard.This issue affects Fast Custom Social Share by CodeBard: from n/a through 1.1.2. | ||||
| CVE-2024-34817 | 2024-08-02 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.2.0. | ||||
| CVE-2024-34809 | 2024-08-02 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes EmpowerWP.This issue affects EmpowerWP: from n/a through 1.0.21. | ||||
| CVE-2024-34756 | 2024-08-02 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Contact Form 7 HubSpot.This issue affects Integration for Contact Form 7 HubSpot: from n/a through 1.3.1. | ||||
| CVE-2024-34557 | 2024-08-02 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in UkrSolution Barcode Scanner with Inventory & Order Manager.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through 1.5.4. | ||||
| CVE-2024-34427 | 2024-08-02 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Huseyin Berberoglu WP Favorite Posts.This issue affects WP Favorite Posts: from n/a through 1.6.8. | ||||
| CVE-2024-34439 | 2024-08-02 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in divSpot DS Site Message.This issue affects DS Site Message: from n/a through 1.14.4. | ||||
| CVE-2024-34367 | 2024-08-02 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Popup Box Team Popup box allows Cross-Site Scripting (XSS).This issue affects Popup box: from n/a through 4.1.2. | ||||
| CVE-2024-34379 | 2024-08-02 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Restaurant and Cafe.This issue affects Restaurant and Cafe: from n/a through 1.2.1. | ||||
| CVE-2024-34001 | 2024-08-02 | 8.4 High | ||
| Actions in the admin preset tool did not include the necessary token to prevent a CSRF risk. | ||||
| CVE-2024-34007 | 2024-08-02 | N/A | ||
| The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF. | ||||
| CVE-2024-34069 | 1 Redhat | 2 Openshift, Openshift Ironic | 2024-08-02 | 7.5 High |
| Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain they control, and enter the debugger PIN, but if they are successful it allows access to the debugger even if it is only running on localhost. This also requires the attacker to guess a URL in the developer's application that will trigger the debugger. This vulnerability is fixed in 3.0.3. | ||||
| CVE-2024-33913 | 2024-08-02 | 9.6 Critical | ||
| Cross-Site Request Forgery (CSRF) vulnerability leading to Arbitrary File Upload in Xserver Migrator.This issue affects Xserver Migrator: from n/a through 1.6.1. | ||||