Export limit exceeded: 16340 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9086 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-6251 | 1 Checkmk | 1 Checkmk | 2024-11-21 | 3.5 Low |
| Cross-site Request Forgery (CSRF) in Checkmk < 2.2.0p15, < 2.1.0p37, <= 2.0.0p39 allow an authenticated attacker to delete user-messages for individual users. | ||||
| CVE-2023-6137 | 1 Wpfrontier | 1 Frontier Post | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in finnj Frontier Post allows Cross Site Request Forgery.This issue affects Frontier Post: from n/a through 6.1. | ||||
| CVE-2023-6022 | 1 Prefect | 1 Prefect | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) in GitHub repository prefecthq/prefect prior to 2.16.5. | ||||
| CVE-2023-5990 | 1 Funnelforms | 1 Funnelforms Free | 2024-11-21 | 6.5 Medium |
| The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor WordPress plugin before 3.4.2 does not have CSRF checks on some of its form actions such as deletion and duplication, which could allow attackers to make logged in admin perform such actions via CSRF attacks | ||||
| CVE-2023-5979 | 1 Implecode | 1 Ecommerce Product Catalog | 2024-11-21 | 6.5 Medium |
| The eCommerce Product Catalog Plugin for WordPress plugin before 3.3.26 does not have CSRF checks in some of its admin pages, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks, such as delete all products | ||||
| CVE-2023-5886 | 1 Soflyy | 2 Export Any Wordpress Data To Xml\/csv, Wp All Export | 2024-11-21 | 8.8 High |
| The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0, WP All Export Pro WordPress plugin before 1.8.6 does not check nonce tokens early enough in the request lifecycle, allowing attackers with the ability to upload files to make logged in users perform unwanted actions leading to PHAR deserialization, which may lead to remote code execution. | ||||
| CVE-2023-5884 | 1 Back2nature | 1 Word Balloon | 2024-11-21 | 6.5 Medium |
| The Word Balloon WordPress plugin before 4.20.3 does not protect some of its actions against CSRF attacks, allowing an unauthenticated attacker to trick a logged in user to delete arbitrary avatars by clicking a link. | ||||
| CVE-2023-5803 | 1 Businessdirectoryplugin | 1 Business Directory | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Business Directory Team Business Directory Plugin – Easy Listing Directories for WordPress allows Cross-Site Request Forgery.This issue affects Business Directory Plugin – Easy Listing Directories for WordPress: from n/a through 6.3.10. | ||||
| CVE-2023-5690 | 1 Modoboa | 1 Modoboa | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.2.2. | ||||
| CVE-2023-5687 | 1 Mosparo | 1 Mosparo | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) in GitHub repository mosparo/mosparo prior to 1.0.3. | ||||
| CVE-2023-5626 | 1 Sfu | 1 Open Journal System | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) in GitHub repository pkp/ojs prior to 3.3.0-16. | ||||
| CVE-2023-5511 | 1 Snipeitapp | 1 Snipe-it | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) in GitHub repository snipe/snipe-it prior to v.6.2.3. | ||||
| CVE-2023-5498 | 1 Chiefonboarding | 1 Chiefonboarding | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) in GitHub repository chiefonboarding/chiefonboarding prior to v2.0.47. | ||||
| CVE-2023-5036 | 1 Usememos | 1 Memos | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.15.1. | ||||
| CVE-2023-52145 | 1 Mariosalexandrou | 1 Republish Old Posts | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Marios Alexandrou Republish Old Posts.This issue affects Republish Old Posts: from n/a through 1.21. | ||||
| CVE-2023-52127 | 1 Wpclever | 1 Wpc Product Bundles For Woocommerce | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WPClever WPC Product Bundles for WooCommerce.This issue affects WPC Product Bundles for WooCommerce: from n/a through 7.3.1. | ||||
| CVE-2023-52120 | 1 Basixonline | 1 Nex-forms | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Basix NEX-Forms – Ultimate Form Builder – Contact forms and much more.This issue affects NEX-Forms – Ultimate Form Builder – Contact forms and much more: from n/a through 8.5.2. | ||||
| CVE-2023-51681 | 2024-11-21 | 6.5 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Duplicator Duplicator – WordPress Migration & Backup Plugin.This issue affects Duplicator – WordPress Migration & Backup Plugin: from n/a through 1.5.7. | ||||
| CVE-2023-51668 | 1 Wpzone | 1 Inline Image Upload For Bbpress | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WP Zone Inline Image Upload for BBPress.This issue affects Inline Image Upload for BBPress: from n/a through 1.1.18. | ||||
| CVE-2023-51545 | 1 Themehigh | 1 Job Manager \& Career | 2024-11-21 | 9.6 Critical |
| Cross-Site Request Forgery (CSRF), Deserialization of Untrusted Data vulnerability in ThemeHigh Job Manager & Career – Manage job board listings, and recruitments.This issue affects Job Manager & Career – Manage job board listings, and recruitments: from n/a through 1.4.4. | ||||