Export limit exceeded: 10028 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10028 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-34378 | 1 Scriptburn | 1 Wp Hide Post | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in scriptburn.Com WP Hide Post plugin <= 2.0.10 versions. | ||||
| CVE-2023-34373 | 1 Zephyr Project Manager Project | 1 Zephyr Project Manager | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Project Manager plugin <= 3.3.93 versions. | ||||
| CVE-2023-34085 | 1 Pingidentity | 1 Pingfederate | 2024-11-21 | 2.6 Low |
| When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request | ||||
| CVE-2023-34028 | 1 Pluginus | 1 Wolf - Wordpress Posts Bulk Editor And Manager Professional | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.7 versions. | ||||
| CVE-2023-34015 | 1 Piwebsolution | 1 Advanced-free-flat-shipping-woocommerce | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in PI Websolution Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping plugin <= 1.6.4.4 versions. | ||||
| CVE-2023-34005 | 1 Etoilewebdesign | 1 Front End Users | 2024-11-21 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Etoile Web Design Front End Users plugin <= 3.2.24 versions. | ||||
| CVE-2023-33931 | 1 Getbutterfly | 1 Youtube Playlist Player | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Popescu YouTube Playlist Player plugin <= 4.6.4 versions. | ||||
| CVE-2023-33926 | 1 Supsystic | 1 Easy Google Maps | 2024-11-21 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Google Maps plugin <= 1.11.7 versions. | ||||
| CVE-2023-33668 | 1 Digiexam | 1 Digiexam | 2024-11-21 | 9.8 Critical |
| DigiExam up to v14.0.2 lacks integrity checks for native modules, allowing attackers to access PII and takeover accounts on shared computers. | ||||
| CVE-2023-33534 | 2 Guanzhou Tozed Kangwei Intelligent Technology, Sztozed | 3 Zlts10g, Zlt S10g, Zlt S10g Firmware | 2024-11-21 | 8.8 High |
| A Cross-Site Request Forgery (CSRF) in Guanzhou Tozed Kangwei Intelligent Technology ZLTS10G software version S10G_3.11.6 allows attackers to takeover user accounts via sending a crafted POST request to /goform/goform_set_cmd_process. | ||||
| CVE-2023-33316 | 1 Woocommerce | 1 Automatewoo | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Follow-Up Emails (AutomateWoo) plugin <= 4.9.40 versions. | ||||
| CVE-2023-33315 | 1 Wandlesoftware | 1 Smart App Banner | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Stephen Darlington, Wandle Software Limited Smart App Banner plugin <= 1.1.2 versions. | ||||
| CVE-2023-33313 | 1 Themeinprogress | 1 Wip Custom Login | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeinProgress WIP Custom Login plugin <= 1.2.9 versions. | ||||
| CVE-2023-33212 | 1 Crocoblock | 1 Jetformbuilder | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin <= 3.0.6 versions. | ||||
| CVE-2023-32964 | 1 Madewithfuel | 1 Better Notifications For Wp | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Made with Fuel Better Notifications for WP plugin <= 1.9.2 versions. | ||||
| CVE-2023-32960 | 1 Updraftplus | 1 Updraftplus | 2024-11-21 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in UpdraftPlus.Com, DavidAnderson UpdraftPlus WordPress Backup Plugin <= 1.23.3 versions leads to sitewide Cross-Site Scripting (XSS). | ||||
| CVE-2023-32792 | 1 Nxlog | 1 Nxlog Manager | 2024-11-21 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to eliminate roles within the platform by sending a specifically crafted query to the server. The vulnerability is based on the absence of proper validation of the origin of incoming requests. | ||||
| CVE-2023-32791 | 1 Nxlog | 1 Nxlog Manager | 2024-11-21 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to manipulate and delete user accounts within the platform by sending a specifically crafted query to the server. The vulnerability is based on the lack of proper validation of the origin of incoming requests. | ||||
| CVE-2023-32761 | 1 Archerirm | 1 Archer | 2024-11-21 | 8.1 High |
| Cross Site Request Forgery (CSRF) vulnerability in Archer Platform before v.6.13 and fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to execute arbitrary code via a crafted request. | ||||
| CVE-2023-32588 | 1 Brandbrilliance | 1 Post State Tags | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in BRANDbrilliance Post State Tags plugin <= 2.0.6 versions. | ||||