Search
Search Results (9066 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-15934 | 1 Intesync | 1 Solismed | 2024-11-21 | 8.8 High |
| Intesync Solismed 3.3sp has CSRF. | ||||
| CVE-2019-15868 | 1 Wpaffiliatemanager | 1 Affiliates Manager | 2024-11-21 | N/A |
| The affiliates-manager plugin before 2.6.6 for WordPress has CSRF. | ||||
| CVE-2019-15865 | 1 Holest | 1 Breadcrumbs By Menu | 2024-11-21 | N/A |
| The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has CSRF. | ||||
| CVE-2019-15841 | 1 Facebook | 1 Facebook For Woocommerce | 2024-11-21 | N/A |
| The facebook-for-woocommerce plugin before 1.9.15 for WordPress has CSRF via ajax_woo_infobanner_post_click, ajax_woo_infobanner_post_xout, or ajax_fb_toggle_visibility. | ||||
| CVE-2019-15840 | 1 Facebook | 1 Facebook For Woocommerce | 2024-11-21 | N/A |
| The facebook-for-woocommerce plugin before 1.9.14 for WordPress has CSRF. | ||||
| CVE-2019-15835 | 1 Wp Better Permalinks Project | 1 Wp Better Permalinks | 2024-11-21 | N/A |
| The wp-better-permalinks plugin before 3.0.5 for WordPress has CSRF. | ||||
| CVE-2019-15834 | 1 Webp Converter For Media Project | 1 Webp Converter For Media | 2024-11-21 | N/A |
| The webp-converter-for-media plugin before 1.0.3 for WordPress has CSRF. | ||||
| CVE-2019-15832 | 1 Wp-buy | 1 Visitor Traffic Real Time Statistics | 2024-11-21 | N/A |
| The visitors-traffic-real-time-statistics plugin before 1.13 for WordPress has CSRF. | ||||
| CVE-2019-15831 | 1 Wp-buy | 1 Visitor Traffic Real Time Statistics | 2024-11-21 | N/A |
| The visitors-traffic-real-time-statistics plugin before 1.12 for WordPress has CSRF in the settings page. | ||||
| CVE-2019-15828 | 1 Tribulant | 1 One Click Ssl | 2024-11-21 | N/A |
| The one-click-ssl plugin before 1.4.7 for WordPress has CSRF. | ||||
| CVE-2019-15781 | 1 Weblizar | 1 Social Likebox \& Feed | 2024-11-21 | N/A |
| The facebook-by-weblizar plugin before 2.8.5 for WordPress has CSRF. | ||||
| CVE-2019-15779 | 1 Quadlayers | 1 Wp Social Feed Gallery | 2024-11-21 | N/A |
| The insta-gallery plugin before 2.4.8 for WordPress has no nonce validation for qligg_dismiss_notice or qligg_form_item_delete. | ||||
| CVE-2019-15770 | 1 Hallme | 1 Woocommerce Address Book | 2024-11-21 | N/A |
| The woo-address-book plugin before 1.6.0 for WordPress has save calls without nonce verification checks. | ||||
| CVE-2019-15769 | 1 Haktansuren | 1 Handl Utm Grabber | 2024-11-21 | N/A |
| The handl-utm-grabber plugin before 2.6.5 for WordPress has CSRF via add_option and update_option. | ||||
| CVE-2019-15660 | 1 Butlerblog | 1 Wp-members | 2024-11-21 | N/A |
| The wp-members plugin before 3.2.8 for WordPress has CSRF. | ||||
| CVE-2019-15648 | 1 Elearningfreak | 1 Insert Or Embed Articulate Content | 2024-11-21 | N/A |
| The insert-or-embed-articulate-content-into-wordpress plugin before 4.29991 for WordPress has insufficient restrictions on deleting or renaming by a Subscriber. | ||||
| CVE-2019-15645 | 1 Zoho | 1 Salesiq | 2024-11-21 | N/A |
| The zoho-salesiq plugin before 1.0.9 for WordPress has CSRF. | ||||
| CVE-2019-15623 | 3 Nextcloud, Opensuse, Suse | 3 Nextcloud Server, Backports Sle, Package Hub | 2024-11-21 | 5.3 Medium |
| Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it's domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled. | ||||
| CVE-2019-15515 | 1 Discourse | 1 Discourse | 2024-11-21 | N/A |
| Discourse 2.3.2 sends the CSRF token in the query string. | ||||
| CVE-2019-15496 | 1 Manageyourteam | 1 Myt Project Management | 2024-11-21 | N/A |
| MyT Project Management 1.5.1 lacks CSRF protection and, for example, allows a user/create CSRF attack. This could lead to an attacker tricking the administrator into executing arbitrary code via a specially crafted HTML page. | ||||