CVEs and Security Vulnerabilities

Total 277464 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-47179	1 Ujsoftware	1 Owm Weather	2025-01-13	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Uwe Jacobs OWM Weather plugin <= 5.6.11 leads to post duplication as a draft.
CVE-2023-23984	1 Wow-company	1 Bubble Menu	2025-01-13	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Bubble Menu – circle floating menu plugin <= 3.0.1 leading to form deletion.
CVE-2023-23974	1 Fullworksplugins	1 Quick Event Manager	2025-01-13	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 affecting all registration actions (delete, delete all, edit, update).
CVE-2023-23973	1 A3rev	1 Contact Us Page - Contact People	2025-01-13	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in a3rev Software Contact Us Page – Contact People plugin <= 3.7.0.
CVE-2022-38468	1 Imagely	1 Nextgen Gallery	2025-01-13	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Imagely WordPress Gallery Plugin – NextGEN Gallery plugin <= 3.28 leading to thumbnail alteration.
CVE-2022-40198	1 Standalonetech	1 Terawallet	2025-01-13	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in StandaloneTech TeraWallet – For WooCommerce plugin <= 1.3.24 leading to plugin settings change.
CVE-2022-45804	1 Robogallery	1 Robo Gallery	2025-01-13	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.9 leading to galleries hierarchy change, included plugin deactivate & activate.
CVE-2022-45068	1 Mercadopago	1 Mercado Pago Payments For Woocommerce	2025-01-13	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Mercado Pago Mercado Pago payments for WooCommerce plugin <= 6.3.1.
CVE-2022-46797	1 Tatvic	1 Conversios.io	2025-01-13	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Conversios All-in-one Google Analytics, Pixels and Product Feed Manager for WooCommerce plugin <= 5.2.3 leads to plugin settings change.
CVE-2022-46798	1 Hasthemes	1 Woolentor - Woocommerce Elementor Addons \+ Builder	2025-01-13	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes ShopLentor plugin <= 2.5.1 leading to plugin settings change.
CVE-2022-46805	1 Wptrio	1 Conditional Shipping For Woocommerce	2025-01-13	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Lauri Karisola / WP Trio Conditional Shipping for WooCommerce plugin <= 2.3.1 leading to activation/deactivation of plugin rulesets.
CVE-2022-46806	1 Villatheme	1 Cart All In One For Woocommerce	2025-01-13	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Cart All In One For WooCommerce plugin <= 1.1.10 leading to cart modification.
CVE-2022-47148	1 Wpovernight	1 Woocommerce Pdf Invoices\& Packing Slips	2025-01-13	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce plugin <= 3.2.5 leading to popup dismiss.
CVE-2022-47166	1 Voidcoders	1 Void Contact Form 7 Widget For Elementor Page Builder	2025-01-13	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in voidCoders Void Contact Form 7 Widget For Elementor Page Builder plugin <= 2.1.1 versions.
CVE-2022-47440	1 My Tickets Project	1 My Tickets	2025-01-13	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Tickets plugin <= 1.9.10 versions.
CVE-2023-25991	1 Metagauss	1 Registrationmagic	2025-01-13	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in RegistrationMagic plugin <= 5.1.9.2 versions.
CVE-2023-22700	1 Pixelyoursite	1 Pixelyoursite	2025-01-13	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite PixelYourSite – Your smart PIXEL (TAG) Manager plugin <= 9.3.0 versions.
CVE-2023-23711	1 A2hosting	1 A2 Optimized	2025-01-13	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in A2 Hosting A2 Optimized WP plugin <= 3.0.4 versions.
CVE-2023-25973	1 Autoaffiliatelinks	1 Auto Affiliate Links	2025-01-13	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3.0.2 versions.
CVE-2022-47595	1 Codecabin	1 Wp Go Maps	2025-01-13	4.9 Medium
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Go Maps (formerly WP Google Maps) plugin <= 9.0.15 versions.

« first previous Page 84 of 13874. next last »