Total
6645 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-49605 | 1 Avchat.net | 1 Avchat Video Chat | 2024-10-24 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Avchat.Net AVChat Video Chat allows Stored XSS.This issue affects AVChat Video Chat: from n/a through 2.2. | ||||
| CVE-2024-49335 | 1 Edush Maxim | 1 Googledrive Folder List | 2024-10-24 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Edush Maxim GoogleDrive folder list allows Stored XSS.This issue affects GoogleDrive folder list: from n/a through 2.2.2. | ||||
| CVE-2024-49622 | 1 Apa | 1 Apa Banner Slider | 2024-10-24 | 8.2 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Apa Apa Banner Slider allows SQL Injection.This issue affects Apa Banner Slider: from n/a through 1.0.0. | ||||
| CVE-2024-43945 | 1 Latepoint | 1 Latepoint | 2024-10-24 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Latepoint LatePoint allows Cross Site Request Forgery.This issue affects LatePoint: from n/a through 4.9.91. | ||||
| CVE-2024-49629 | 1 Androidbubbles | 1 Endless Posts Navigation | 2024-10-22 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Fahad Mahmood Endless Posts Navigation allows Stored XSS.This issue affects Endless Posts Navigation: from n/a through 2.2.7. | ||||
| CVE-2024-47634 | 2 Majas-lapu-izstrade, Woocommerce | 2 Cartbounty, Streamline.lv | 2024-10-22 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Streamline.Lv CartBounty – Save and recover abandoned carts for WooCommerce allows Cross Site Request Forgery.This issue affects CartBounty – Save and recover abandoned carts for WooCommerce: from n/a through 8.2. | ||||
| CVE-2024-49250 | 1 Dublue | 1 Table Of Contents Plus | 2024-10-22 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Michael Tran Table of Contents Plus allows Cross Site Request Forgery.This issue affects Table of Contents Plus: from n/a through 2408. | ||||
| CVE-2024-49272 | 1 Wpwebinfotech | 1 Social Auto Poster | 2024-10-22 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WPWeb Social Auto Poster allows Cross Site Request Forgery.This issue affects Social Auto Poster: from n/a through 5.3.15. | ||||
| CVE-2024-49274 | 1 Infomaniak | 1 Vod Infomaniak | 2024-10-22 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Infomaniak Staff VOD Infomaniak allows Cross Site Request Forgery.This issue affects VOD Infomaniak: from n/a through 1.5.7. | ||||
| CVE-2024-49275 | 1 Northernbeacheswebsites | 1 Ideapush | 2024-10-22 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Martin Gibson IdeaPush allows Cross Site Request Forgery.This issue affects IdeaPush: from n/a through 8.69. | ||||
| CVE-2024-49290 | 1 Boxystudio | 1 Cooked | 2024-10-22 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Gora Tech LLC Cooked Pro allows Cross Site Request Forgery.This issue affects Cooked Pro: from n/a before 1.8.0. | ||||
| CVE-2024-49306 | 1 Wp-buy | 1 Wp Content Copy Protection \& No Right Click | 2024-10-22 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WP-buy WP Content Copy Protection & No Right Click allows Cross Site Request Forgery.This issue affects WP Content Copy Protection & No Right Click: from n/a through 3.5.9. | ||||
| CVE-2024-49627 | 1 Noorsplugin | 1 Wordpress Image Seo | 2024-10-22 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Noor Alam WordPress Image SEO allows Cross Site Request Forgery.This issue affects WordPress Image SEO: from n/a through 1.1.4. | ||||
| CVE-2024-49628 | 1 Whiletrue | 1 Most And Least Read Posts Widget | 2024-10-22 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WhileTrue Most And Least Read Posts Widget allows Cross Site Request Forgery.This issue affects Most And Least Read Posts Widget: from n/a through 2.5.18. | ||||
| CVE-2024-49615 | 1 Henriquerodrigues | 1 Safetyforms | 2024-10-22 | 8.2 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Henrique Rodrigues SafetyForms allows Blind SQL Injection.This issue affects SafetyForms: from n/a through 1.0.0. | ||||
| CVE-2024-9351 | 2024-10-18 | 4.3 Medium | ||
| The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. This is due to missing or incorrect nonce validation on the quiz 'create_module' function. This makes it possible for unauthenticated attackers to create draft quizzes via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2024-48758 | 1 Dingfanzu | 1 Cms | 2024-10-18 | 6.1 Medium |
| dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the addPro parameter of the component doAdminAction.php which allows a remote attacker to execute arbitrary code | ||||
| CVE-2024-48047 | 2024-10-18 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Razon Komar Pal Linked Variation for WooCommerce allows Cross Site Request Forgery.This issue affects Linked Variation for WooCommerce: from n/a through 1.0.5. | ||||
| CVE-2024-49313 | 2024-10-18 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in RudeStan VKontakte Wall Post allows Stored XSS.This issue affects VKontakte Wall Post: from n/a through 2.0. | ||||
| CVE-2024-9352 | 2024-10-18 | 4.3 Medium | ||
| The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. This is due to missing or incorrect nonce validation on the custom form 'create_module' function. This makes it possible for unauthenticated attackers to create draft forms via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||