Export limit exceeded: 10192 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10192 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-35044 | 1 Securimage-wp-fixed Project | 1 Securimage-wp-fixed | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Drew Phillips Securimage-WP plugin <= 3.6.16 versions. | ||||
| CVE-2023-35041 | 1 Webpushr | 1 Web Push Notifications | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability leading to Local File Inclusion (LF) in Webpushr Web Push Notifications Web Push Notifications – Webpushr plugin <= 4.34.0 versions. | ||||
| CVE-2023-35038 | 1 Wpexperts | 1 Wp Pdf Generator | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in wpexperts.Io WP PDF Generator plugin <= 1.2.2 versions. | ||||
| CVE-2023-35030 | 1 Liferay | 2 Dxp, Liferay Portal | 2024-11-21 | 8.8 High |
| Cross-site request forgery (CSRF) vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.76, and Liferay DXP 7.4 update 70 through 76 allows remote attackers to execute arbitrary code in the scripting console via the `_com_liferay_layout_admin_web_portlet_GroupPagesPortlet_backURL` parameter. | ||||
| CVE-2023-34384 | 1 Kebo Twitter Feed Project | 1 Kebo Twitter Feed | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Kebo Kebo Twitter Feed plugin <= 1.5.12 versions. | ||||
| CVE-2023-34378 | 1 Scriptburn | 1 Wp Hide Post | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in scriptburn.Com WP Hide Post plugin <= 2.0.10 versions. | ||||
| CVE-2023-34373 | 1 Zephyr Project Manager Project | 1 Zephyr Project Manager | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Project Manager plugin <= 3.3.93 versions. | ||||
| CVE-2023-34085 | 1 Pingidentity | 1 Pingfederate | 2024-11-21 | 2.6 Low |
| When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request | ||||
| CVE-2023-34028 | 1 Pluginus | 1 Wolf - Wordpress Posts Bulk Editor And Manager Professional | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.7 versions. | ||||
| CVE-2023-34015 | 1 Piwebsolution | 1 Advanced-free-flat-shipping-woocommerce | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in PI Websolution Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping plugin <= 1.6.4.4 versions. | ||||
| CVE-2023-34005 | 1 Etoilewebdesign | 1 Front End Users | 2024-11-21 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Etoile Web Design Front End Users plugin <= 3.2.24 versions. | ||||
| CVE-2023-33931 | 1 Getbutterfly | 1 Youtube Playlist Player | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Popescu YouTube Playlist Player plugin <= 4.6.4 versions. | ||||
| CVE-2023-33926 | 1 Supsystic | 1 Easy Google Maps | 2024-11-21 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Google Maps plugin <= 1.11.7 versions. | ||||
| CVE-2023-33668 | 1 Digiexam | 1 Digiexam | 2024-11-21 | 9.8 Critical |
| DigiExam up to v14.0.2 lacks integrity checks for native modules, allowing attackers to access PII and takeover accounts on shared computers. | ||||
| CVE-2023-33534 | 2 Guanzhou Tozed Kangwei Intelligent Technology, Sztozed | 3 Zlts10g, Zlt S10g, Zlt S10g Firmware | 2024-11-21 | 8.8 High |
| A Cross-Site Request Forgery (CSRF) in Guanzhou Tozed Kangwei Intelligent Technology ZLTS10G software version S10G_3.11.6 allows attackers to takeover user accounts via sending a crafted POST request to /goform/goform_set_cmd_process. | ||||
| CVE-2023-33316 | 1 Woocommerce | 1 Automatewoo | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Follow-Up Emails (AutomateWoo) plugin <= 4.9.40 versions. | ||||
| CVE-2023-33315 | 1 Wandlesoftware | 1 Smart App Banner | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Stephen Darlington, Wandle Software Limited Smart App Banner plugin <= 1.1.2 versions. | ||||
| CVE-2023-33313 | 1 Themeinprogress | 1 Wip Custom Login | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeinProgress WIP Custom Login plugin <= 1.2.9 versions. | ||||
| CVE-2023-33212 | 1 Crocoblock | 1 Jetformbuilder | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin <= 3.0.6 versions. | ||||
| CVE-2023-32964 | 1 Madewithfuel | 1 Better Notifications For Wp | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Made with Fuel Better Notifications for WP plugin <= 1.9.2 versions. | ||||