| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Cross-Site Request Forgery (CSRF) vulnerability in WPGear Hack-Info allows Stored XSS.This issue affects Hack-Info: from n/a through 3.17. |
| Cross-Site Request Forgery (CSRF) vulnerability in kornelly Translator allows Stored XSS. This issue affects Translator: from n/a through 0.3. |
| Cross-Site Request Forgery (CSRF) vulnerability in bundgaard Martins Free Monetized Ad Exchange Network allows Reflected XSS. This issue affects Martins Free Monetized Ad Exchange Network: from n/a through 1.0.5. |
| Cross-Site Request Forgery (CSRF) vulnerability in dangrossman WP Calais Auto Tagger allows Cross Site Request Forgery. This issue affects WP Calais Auto Tagger: from n/a through 2.0. |
| Cross-Site Request Forgery (CSRF) vulnerability in geoWP Geoportail Shortcode allows Stored XSS.This issue affects Geoportail Shortcode: from n/a through 2.4.4. |
| Cross-Site Request Forgery (CSRF) vulnerability in HuangYe WuDeng Hacklog Remote Attachment allows Stored XSS. This issue affects Hacklog Remote Attachment: from n/a through 1.3.2. |
| Cross-Site Request Forgery (CSRF) vulnerability in Mario Spinaci UPDATE NOTIFICATIONS allows Stored XSS.This issue affects UPDATE NOTIFICATIONS: from n/a through 0.3.4. |
| Cross-Site Request Forgery (CSRF) vulnerability in blueinstyle Advanced Tag Lists allows Stored XSS. This issue affects Advanced Tag Lists: from n/a through 1.2. |
| Cross-Site Request Forgery (CSRF) vulnerability in simplemaps Simple Maps allows Stored XSS. This issue affects Simple Maps: from n/a through 0.98. |
| Cross-Site Request Forgery (CSRF) vulnerability in ABCdatos AI Content Creator allows Cross Site Request Forgery. This issue affects AI Content Creator: from n/a through 1.2.6. |
| Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Benevolent allows Cross Site Request Forgery.This issue affects Benevolent: from n/a through 1.3.4. |
| Cross-Site Request Forgery (CSRF) vulnerability in EverAccounting Ever Accounting allows Cross Site Request Forgery. This issue affects Ever Accounting: from n/a through 2.1.5. |
| The Posti Shipping plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.10.3. This is due to missing or incorrect nonce validation on the generate_notices_html() function. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
| Cross-Site Request Forgery (CSRF) vulnerability in Niklas Olsson Universal Analytics Injector allows Stored XSS.This issue affects Universal Analytics Injector: from n/a through 1.0.3. |
| Cross-Site Request Forgery (CSRF) vulnerability in isnowfy my-related-posts allows Stored XSS.This issue affects my-related-posts: from n/a through 1.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in WP Hive Events Rich Snippets for Google allows Exploitation of Trusted Credentials.This issue affects Events Rich Snippets for Google: from n/a through 1.8. |
| Cross-Site Request Forgery (CSRF) vulnerability in Creative Motion Clearfy Cache.This issue affects Clearfy Cache: from n/a through 2.2.1. |
| Path Traversal vulnerability in NotFound WizShop allows PHP Local File Inclusion. This issue affects WizShop: from n/a through 3.0.2. |
| Cross-Site Request Forgery (CSRF) vulnerability in Sebastian Echeverry SCSS-Library allows Cross Site Request Forgery. This issue affects SCSS-Library: from n/a through 0.4.1. |
| The Disable Auto Updates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the 'disable-auto-updates' page. This makes it possible for unauthenticated attackers to disable all auto updates via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
