Total
8605 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-34654 | 1 Freeamigos | 1 Manage Notification E-mails | 2025-02-20 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) in Virgial Berveling's Manage Notification E-mails plugin <= 1.8.2 on WordPress. | ||||
| CVE-2022-26366 | 1 Adrotate Banner Manager Project | 1 Adrotate Banner Manager | 2025-02-20 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) in AdRotate Banner Manager Plugin <= 5.9 on WordPress. | ||||
| CVE-2022-45824 | 1 Elbtide | 1 Advanced Booking Calendar | 2025-02-20 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Advanced Booking Calendar plugin <= 1.7.1 on WordPress. | ||||
| CVE-2024-2960 | 1 Svs-websoft | 1 Svs Pricing Tables | 2025-02-20 | 4.3 Medium |
| The SVS Pricing Tables plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.4. This is due to missing or incorrect nonce validation on the deletePricingTable() function. This makes it possible for unauthenticated attackers to delete pricing tables via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2024-2959 | 1 Svs-websoft | 1 Svs Pricing Tables | 2025-02-20 | 4.3 Medium |
| The SVS Pricing Tables plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.4. This is due to missing or incorrect nonce validation on the savePricingTable() function. This makes it possible for unauthenticated attackers to create and edit pricing tables via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2024-7141 | 2025-02-20 | N/A | ||
| Versions of Gliffy Online prior to versions 4.14.0-7 contains a Cross Site Request Forgery (CSRF) flaw. | ||||
| CVE-2024-12386 | 1 Kevonadonis | 1 Wp Abstracts | 2025-02-20 | 8.1 High |
| The WP Abstracts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.3. This is due to missing nonce validation on multiple functions. This makes it possible for unauthenticated attackers to delete arbitrary accounts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2020-10095 | 2025-02-20 | 8.1 High | ||
| Various Lexmark devices have CSRF that allows an attacker to modify the configuration of the device. | ||||
| CVE-2023-5823 | 1 Themekraft | 1 Tk Google Fonts Gdpr Compliant | 2025-02-19 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeKraft TK Google Fonts GDPR Compliant plugin <= 2.2.11 versions. | ||||
| CVE-2023-47238 | 1 Webberzone | 1 Top 10 | 2025-02-19 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in WebberZone Top 10 – WordPress Popular posts by WebberZone plugin <= 3.3.2 versions. | ||||
| CVE-2023-47237 | 1 Auto Publish For Google My Business Project | 1 Auto Publish For Google My Business | 2025-02-19 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Martin Gibson Auto Publish for Google My Business plugin <= 3.7 versions. | ||||
| CVE-2023-32739 | 1 Hamidrezasepehr | 1 Custom Cursors | 2025-02-19 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Web_Trendy WP Custom Cursors | WordPress Cursor Plugin plugin < 3.2 versions. | ||||
| CVE-2023-29428 | 1 Superbthemes | 1 Superb Social Media Share Buttons And Follow Buttons | 2025-02-19 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in SuPlugins Superb Social Media Share Buttons and Follow Buttons for WordPress plugin <= 1.1.3 versions. | ||||
| CVE-2022-47181 | 1 Wpexperts | 1 Email Templates Customizer And Designer | 2025-02-19 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in wpexpertsio Email Templates Customizer and Designer for WordPress and WooCommerce email-templates allows Cross Site Request Forgery.This issue affects Email Templates Customizer and Designer for WordPress and WooCommerce: from n/a through 1.4.2. | ||||
| CVE-2022-29489 | 1 Sucuri | 1 Security | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Sucuri Security plugin <= 1.8.33 at WordPress leading to Event log entry creation. | ||||
| CVE-2023-37391 | 1 Wpmobilepack | 1 Wordpress Mobile Pack | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WPMobilePack.Com WordPress Mobile Pack – Mobile Plugin for Progressive Web Apps & Hybrid Mobile Apps plugin <= 3.4.1 versions. | ||||
| CVE-2023-34185 | 1 Wordpress Nextgen Galleryview Project | 1 Wordpress Nextgen Galleryview | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in John Brien WordPress NextGen GalleryView plugin <= 0.5.5 versions. | ||||
| CVE-2023-34029 | 1 Disable Wordpress Update Notifications And Auto-update Email Notifications Project | 1 Disable Wordpress Update Notifications And Auto-update Email Notifications | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Prem Tiwari Disable WordPress Update Notifications and auto-update Email Notifications plugin <= 2.3.3 versions. | ||||
| CVE-2023-37968 | 1 Faboba | 1 Falang | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Faboba Falang multilanguage for WordPress plugin <= 1.3.39 versions. | ||||
| CVE-2023-37992 | 1 Presspage | 1 Smarty For Wordpress | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin <= 3.1.35 versions. | ||||