Export limit exceeded: 10028 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10028 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2019-15835 1 Wp Better Permalinks Project 1 Wp Better Permalinks 2024-11-21 N/A
The wp-better-permalinks plugin before 3.0.5 for WordPress has CSRF.
CVE-2019-15834 1 Webp Converter For Media Project 1 Webp Converter For Media 2024-11-21 N/A
The webp-converter-for-media plugin before 1.0.3 for WordPress has CSRF.
CVE-2019-15832 1 Wp-buy 1 Visitor Traffic Real Time Statistics 2024-11-21 N/A
The visitors-traffic-real-time-statistics plugin before 1.13 for WordPress has CSRF.
CVE-2019-15831 1 Wp-buy 1 Visitor Traffic Real Time Statistics 2024-11-21 N/A
The visitors-traffic-real-time-statistics plugin before 1.12 for WordPress has CSRF in the settings page.
CVE-2019-15828 1 Tribulant 1 One Click Ssl 2024-11-21 N/A
The one-click-ssl plugin before 1.4.7 for WordPress has CSRF.
CVE-2019-15781 1 Weblizar 1 Social Likebox \& Feed 2024-11-21 N/A
The facebook-by-weblizar plugin before 2.8.5 for WordPress has CSRF.
CVE-2019-15779 1 Quadlayers 1 Wp Social Feed Gallery 2024-11-21 N/A
The insta-gallery plugin before 2.4.8 for WordPress has no nonce validation for qligg_dismiss_notice or qligg_form_item_delete.
CVE-2019-15770 1 Hallme 1 Woocommerce Address Book 2024-11-21 N/A
The woo-address-book plugin before 1.6.0 for WordPress has save calls without nonce verification checks.
CVE-2019-15769 1 Haktansuren 1 Handl Utm Grabber 2024-11-21 N/A
The handl-utm-grabber plugin before 2.6.5 for WordPress has CSRF via add_option and update_option.
CVE-2019-15660 1 Butlerblog 1 Wp-members 2024-11-21 N/A
The wp-members plugin before 3.2.8 for WordPress has CSRF.
CVE-2019-15648 1 Elearningfreak 1 Insert Or Embed Articulate Content 2024-11-21 N/A
The insert-or-embed-articulate-content-into-wordpress plugin before 4.29991 for WordPress has insufficient restrictions on deleting or renaming by a Subscriber.
CVE-2019-15645 1 Zoho 1 Salesiq 2024-11-21 N/A
The zoho-salesiq plugin before 1.0.9 for WordPress has CSRF.
CVE-2019-15623 3 Nextcloud, Opensuse, Suse 3 Nextcloud Server, Backports Sle, Package Hub 2024-11-21 5.3 Medium
Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it's domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled.
CVE-2019-15515 1 Discourse 1 Discourse 2024-11-21 N/A
Discourse 2.3.2 sends the CSRF token in the query string.
CVE-2019-15496 1 Manageyourteam 1 Myt Project Management 2024-11-21 N/A
MyT Project Management 1.5.1 lacks CSRF protection and, for example, allows a user/create CSRF attack. This could lead to an attacker tricking the administrator into executing arbitrary code via a specially crafted HTML page.
CVE-2019-15491 1 It-novum 1 Openitcockpit 2024-11-21 N/A
openITCOCKPIT before 3.7.1 has CSRF, aka RVID 2-445b21.
CVE-2019-15329 1 Codection 1 Import Users From Csv With Meta 2024-11-21 N/A
The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF.
CVE-2019-15238 1 Cformsii Project 1 Cformsii 2024-11-21 N/A
The cforms2 plugin before 15.0.2 for WordPress has CSRF related to the IP address field.
CVE-2019-15229 1 Thedaylightstudio 1 Fuel Cms 2024-11-21 N/A
FUEL CMS 1.4.4 has CSRF in the blocks/create/ Create Blocks section of the Admin console. This could lead to an attacker tricking the administrator into executing arbitrary code via a specially crafted HTML page.
CVE-2019-15164 1 Tcpdump 1 Libpcap 2024-11-21 5.3 Medium
rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.