42 matches found
CVE-2022-47150
Cross-Site request forgery CSRF vulnerability in weDevs WooCommerce Conversion Tracking allows Cross Site Request Forgery. This issue affects WooCommerce Conversion Tracking: from n/a through 2.0.10...
CVE-2022-47150
CVE-2022-47150 concerns CSRF in WordPress plugins referencing WooCommerce Conversion Tracking. Affected product: WooCommerce Conversion Tracking plugin for WordPress, versions up to and including 2.0.10. Underlying issue: Cross-Site Request Forgery, enabling unauthenticated or unauthorized action...
WordPress WP Project Manager Plugin <= 2.6.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software WP Project Manager Type Plugin Vulnerable versions = 2.6.0 Fixed in 2.6.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 59fff4ce994d Credits István Márton...
WordPress Directorist Plugin <= 7.7.1 is vulnerable to Broken Access Control
Software Directorist Type Plugin Vulnerable versions = 7.7.1 Fixed in 7.7.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c511217f52dd Credits István Márton Required privilege...
WordPress Unlimited Elementor Inner Sections By BoomDevs Plugin < 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Unlimited Elementor Inner Sections By BoomDevs Type Plugin Vulnerable versions 1.0.0 Fixed in 1.0.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 9e982eaa66c...
WordPress weMail Plugin <= 1.14.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software weMail Type Plugin Vulnerable versions = 1.14.1 Fixed in 1.14.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 65136c30deb2 Credits István Márton Required...
WordPress weDocs Plugin <= 1.7.5 is vulnerable to Cross Site Request Forgery (CSRF)
Software weDocs Type Plugin Vulnerable versions = 1.7.5 Fixed in 1.7.6 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 045d8faa126e Credits István Márton Required...
WordPress WooCommerce Conversion Tracking Plugin <= 2.0.10 is vulnerable to Cross Site Request Forgery (CSRF)
Software WooCommerce Conversion Tracking Type Plugin Vulnerable versions = 2.0.10 Fixed in 2.0.11 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4ebb849878be Credits...
WordPress GS Logo Slider Plugin <= 3.4.2 is vulnerable to Cross Site Request Forgery (CSRF)
Software GS Logo Slider Type Plugin Vulnerable versions = 3.4.2 Fixed in 3.4.3 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f9643d261af1 Credits István Márton Requir...
WordPress Product Category Showcase for WooCommerce Plugin <= 1.1.9 is vulnerable to Cross Site Request Forgery (CSRF)
Software Product Category Showcase for WooCommerce Type Plugin Vulnerable versions = 1.1.9 Fixed in 2.0.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID e261a353a568...
WordPress Texty – SMS Notification for WordPress, WooCommerce, Dokan and more Plugin <= 1.1.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software Texty – SMS Notification for WordPress, WooCommerce, Dokan and more Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim...
WordPress WP Content Pilot – Autoblogging & Affiliate Marketing Plugin Plugin <= 1.3.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software WP Content Pilot – Autoblogging & Affiliate Marketing Plugin Type Plugin Vulnerable versions = 1.3.3 Fixed in 1.3.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership...
WordPress Worth The Read Plugin <= 1.14 is vulnerable to Cross Site Request Forgery (CSRF)
Software Worth The Read Type Plugin Vulnerable versions = 1.14 Fixed in 1.14.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 86cfa5e90dc1 Credits István Márton Requir...
WordPress Visibility Logic for Elementor Plugin <= 2.3.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software Visibility Logic for Elementor Type Plugin Vulnerable versions = 2.3.3 Fixed in 2.3.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer StaxWP PSID 0cc2ff14bd32 Credits István Márton...
WordPress Download Increase Maximum Upload File Size | Increase Execution Time Plugin <= 1.0.9 is vulnerable to Cross Site Request Forgery (CSRF)
Software Download Increase Maximum Upload File Size | Increase Execution Time Type Plugin Vulnerable versions = 1.0.9 Fixed in 1.1.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim...
WordPress Fuse Social Floating Sidebar Plugin <= 5.4.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software Fuse Social Floating Sidebar Type Plugin Vulnerable versions = 5.4.6 Fixed in 5.4.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 393d2a5bd141 Credits István...
WordPress GS Pins for Pinterest Plugin <= 1.6.2 is vulnerable to Cross Site Request Forgery (CSRF)
Software GS Pins for Pinterest Type Plugin Vulnerable versions = 1.6.2 Fixed in 1.6.3 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 65fda5a4e6dc Credits István Márton...
WordPress Click to top Plugin <= 1.2.19 is vulnerable to Cross Site Request Forgery (CSRF)
Software Click to top Type Plugin Vulnerable versions = 1.2.19 Fixed in 1.2.20 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 289d971e44a8 Credits István Márton Requir...
WordPress WP VR Plugin <= 8.2.5 is vulnerable to Cross Site Request Forgery (CSRF)
Software WP VR Type Plugin Vulnerable versions = 8.2.5 Fixed in 8.2.6 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer WPFunnels Team PSID 93df9c4109e0 Credits István Márton Required privile...
WordPress WP Dark Mode Plugin <= 3.0.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software WP Dark Mode Type Plugin Vulnerable versions = 3.0.4 Fixed in 3.0.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID e41209e9d275 Credits István Márton Required...