Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (9189 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2023-34015 1 Piwebsolution 1 Advanced-free-flat-shipping-woocommerce 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in PI Websolution Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping plugin <= 1.6.4.4 versions.
CVE-2023-34005 1 Etoilewebdesign 1 Front End Users 2024-11-21 6.5 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Etoile Web Design Front End Users plugin <= 3.2.24 versions.
CVE-2023-33931 1 Getbutterfly 1 Youtube Playlist Player 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Popescu YouTube Playlist Player plugin <= 4.6.4 versions.
CVE-2023-33926 1 Supsystic 1 Easy Google Maps 2024-11-21 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Google Maps plugin <= 1.11.7 versions.
CVE-2023-33534 2 Guanzhou Tozed Kangwei Intelligent Technology, Sztozed 3 Zlts10g, Zlt S10g, Zlt S10g Firmware 2024-11-21 8.8 High
A Cross-Site Request Forgery (CSRF) in Guanzhou Tozed Kangwei Intelligent Technology ZLTS10G software version S10G_3.11.6 allows attackers to takeover user accounts via sending a crafted POST request to /goform/goform_set_cmd_process.
CVE-2023-33316 1 Woocommerce 1 Automatewoo 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Follow-Up Emails (AutomateWoo) plugin <= 4.9.40 versions.
CVE-2023-33315 1 Wandlesoftware 1 Smart App Banner 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Stephen Darlington, Wandle Software Limited Smart App Banner plugin <= 1.1.2 versions.
CVE-2023-33313 1 Themeinprogress 1 Wip Custom Login 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in ThemeinProgress WIP Custom Login plugin <= 1.2.9 versions.
CVE-2023-33212 1 Crocoblock 1 Jetformbuilder 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin <= 3.0.6 versions.
CVE-2023-32964 1 Madewithfuel 1 Better Notifications For Wp 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Made with Fuel Better Notifications for WP plugin <= 1.9.2 versions.
CVE-2023-32960 1 Updraftplus 1 Updraftplus 2024-11-21 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in UpdraftPlus.Com, DavidAnderson UpdraftPlus WordPress Backup Plugin <= 1.23.3 versions leads to sitewide Cross-Site Scripting (XSS).
CVE-2023-32792 1 Nxlog 1 Nxlog Manager 2024-11-21 6.5 Medium
Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to eliminate roles within the platform by sending a specifically crafted query to the server. The vulnerability is based on the absence of proper validation of the origin of incoming requests.
CVE-2023-32791 1 Nxlog 1 Nxlog Manager 2024-11-21 6.5 Medium
Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to manipulate and delete user accounts within the platform by sending a specifically crafted query to the server. The vulnerability is based on the lack of proper validation of the origin of incoming requests.
CVE-2023-32761 1 Archerirm 1 Archer 2024-11-21 8.1 High
Cross Site Request Forgery (CSRF) vulnerability in Archer Platform before v.6.13 and fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to execute arbitrary code via a crafted request.
CVE-2023-32588 1 Brandbrilliance 1 Post State Tags 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in BRANDbrilliance Post State Tags plugin <= 2.0.6 versions.
CVE-2023-32583 1 Walkeprashant 1 Wp All Backup 2024-11-21 6.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Prashant Walke WP All Backup plugin <= 2.4.3 versions.
CVE-2023-32124 1 Arulprasadj 1 Publish Confirm Message 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Arul Prasad J Publish Confirm Message plugin <= 1.3.1 versions.
CVE-2023-32104 1 Target-info 1 Mycurator Content Curation 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Mark Tilly MyCurator Content Curation plugin <= 3.74 versions.
CVE-2023-32091 1 Poeditor 1 Poeditor 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in POEditor plugin <= 0.9.4 versions.
CVE-2023-31452 1 Paessler 1 Prtg Network Monitor 2024-11-21 8.8 High
A cross-site request forgery (CSRF) token bypass was identified in PRTG 23.2.84.1566 and earlier versions that allows remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request. This could force PRTG to execute different actions, such as creating new users. The severity of this vulnerability is high and received a score of 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H