Export limit exceeded: 351254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9189 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-2549 | 1 Featherplugins | 1 Feather Login Page | 2025-01-13 | 8.8 High |
| The Feather Login Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions starting from 1.0.7 up to, and including, 1.1.1. This is due to missing nonce validation in the 'createTempAccountLink' function. This makes it possible for unauthenticated attackers to create a new user with administrator role via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. An attacker can leverage CVE-2023-2545 to get the login link or request a password reset to the new user's email address. | ||||
| CVE-2022-30544 | 1 Hyumika | 1 Openstreetmap | 2025-01-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) in MiKa's OSM – OpenStreetMap plugin <= 6.0.1 versions. | ||||
| CVE-2022-36401 | 1 Standalonetech | 1 Terawallet | 2025-01-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in TeraWallet – For WooCommerce plugin <= 1.3.24 versions. | ||||
| CVE-2022-44585 | 1 Magneticlab | 1 Homepage Pop-up | 2025-01-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Magneticlab Sàrl Homepage Pop-up plugin <= 1.2.5 versions. | ||||
| CVE-2022-27628 | 1 Wzone Project | 1 Wzone | 2025-01-13 | 4.7 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in AA-Team WZone – Lite Version plugin 3.1 Lite versions. | ||||
| CVE-2022-41134 | 1 Optinly | 1 Optinly | 2025-01-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) in OptinlyHQ Optinly – Exit Intent, Newsletter Popups, Gamification & Opt-in Forms plugin <= 1.0.15 versions. | ||||
| CVE-2022-43469 | 1 Orchestrated | 1 Corona Virus \(covid-19\) Banner \& Live Data | 2025-01-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Orchestrated Corona Virus (COVID-19) Banner & Live Data plugin <= 1.7.0.6 versions. | ||||
| CVE-2023-25066 | 1 Foliovision | 1 Fv Flowplayer Video Player | 2025-01-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in FolioVision FV Flowplayer Video Player plugin <= 7.5.30.7212 versions. | ||||
| CVE-2023-25065 | 1 Shapedplugin | 1 Wp Tabs | 2025-01-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ShapedPlugin WP Tabs – Responsive Tabs Plugin for WordPress plugin <= 2.1.14 versions. | ||||
| CVE-2022-46862 | 1 Expresstech | 1 Quiz And Survey Master | 2025-01-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin <= 8.0.7 versions. | ||||
| CVE-2023-24382 | 1 Material Design Icons For Page Builders Project | 1 Material Design Icons For Page Builders | 2025-01-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Photon WP Material Design Icons for Page Builders plugin <= 1.4.2 versions. | ||||
| CVE-2023-23899 | 1 Hasthemes | 1 Extensions For Cf7 | 2025-01-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Extensions For CF7 plugin <= 2.0.8 versions leads to arbitrary plugin activation. | ||||
| CVE-2023-23659 | 1 Mainwp | 1 Motomo | 2025-01-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in MainWP Matomo Extension <= 4.0.4 versions. | ||||
| CVE-2023-24384 | 1 Wpdevart | 1 Organization Chart | 2025-01-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Organization chart <= 1.4.4 versions. | ||||
| CVE-2022-43459 | 1 Captainform | 1 Captainform | 2025-01-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Forms by CaptainForm – Form Builder for WordPress plugin <= 2.5.3 versions. | ||||
| CVE-2023-23983 | 1 Wpdevart | 1 Responsive Vertical Icon Menu | 2025-01-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Responsive Vertical Icon Menu plugin <= 1.5.8 can lead to theme deletion. | ||||
| CVE-2023-23865 | 1 Checkoutplugins | 1 Stripe Payments For Woocommerce | 2025-01-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Checkout Plugins Stripe Payments For WooCommerce plugin <= 1.4.10 leads to settings change. | ||||
| CVE-2022-47612 | 1 Xnau | 1 Participants Database | 2025-01-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Roland Barker, xnau webdesign Participants Database plugin <= 2.4.5 leads to list column update. | ||||
| CVE-2022-47179 | 1 Ujsoftware | 1 Owm Weather | 2025-01-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Uwe Jacobs OWM Weather plugin <= 5.6.11 leads to post duplication as a draft. | ||||
| CVE-2023-23973 | 1 A3rev | 1 Contact Us Page - Contact People | 2025-01-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in a3rev Software Contact Us Page – Contact People plugin <= 3.7.0. | ||||