55975 matches found
CVE-2023-45629
Cross-Site Request Forgery CSRF vulnerability in wpdevart Gallery – Image and Video Gallery with Thumbnails plugin = 2.0.3 versions...
CVE-2023-45269
Cross-Site Request Forgery CSRF vulnerability in David Cole Simple SEO plugin = 2.0.25 versions...
CVE-2023-45836
Cross-Site Request Forgery CSRF vulnerability in XYDAC Ultimate Taxonomy Manager plugin = 2.0 versions...
CVE-2023-45647
Cross-Site Request Forgery CSRF vulnerability in MailMunch Constant Contact Forms by MailMunch plugin = 2.0.10 versions...
CVE-2023-45638
Cross-Site Request Forgery CSRF vulnerability in euPago Eupago Gateway For Woocommerce plugin = 3.1.9 versions...
CVE-2023-45068
Cross-Site Request Forgery CSRF vulnerability in Supsystic Contact Form by Supsystic plugin = 1.7.27 versions...
CVE-2023-45656
Cross-Site Request Forgery CSRF vulnerability in Kevin Weber Lazy Load for Videos plugin = 2.18.2 versions...
CVE-2023-45653
Cross-Site Request Forgery CSRF vulnerability in Galaxy Weblinks Video Playlist For YouTube plugin = 6.0 versions...
CVE-2023-45606
Cross-Site Request Forgery CSRF vulnerability in Lasso Simple URLs plugin = 120 versions...
CVE-2023-45048
Cross-Site Request Forgery CSRF vulnerability in Repuso Social proof testimonials and reviews by Repuso plugin = 5.00 versions...
CVE-2023-45642
Cross-Site Request Forgery CSRF vulnerability in Hassan Ali Snap Pixel plugin = 1.5.7 versions...
CVE-2023-31200
PTC Vuforia Studio does not require a token; this could allow an attacker with local access to perform a cross-site request forgery attack or a replay attack...
CVE-2023-45831
Cross-Site Request Forgery CSRF vulnerability in Pixelative, Mohsin Rafique AMP WP – Google AMP For WordPress plugin = 1.5.15 versions...
CVE-2023-31089
Cross-Site Request Forgery CSRF vulnerability in Tradebooster Video XML Sitemap Generator.This issue affects Video XML Sitemap Generator: from n/a through 1.0.0...
CVE-2023-4000
The Waiting: One-click countdowns plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.6.2. This is due to missing or incorrect nonce validation on its AJAX actions. This makes it possible for unauthenticated attackers to create and delete countdown...
CVE-2023-4161
The WooCommerce PDF Invoice Builder for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the SaveCustomField function in versions up to, and including, 1.2.90. This makes it possible for unauthenticated attackers to create invoice fields provided they can tric...
CVE-2023-4729
The LadiApp plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the publishlp function hooked via an AJAX action in versions up to, and including, 4.4. This makes it possible for unauthenticated attackers to change the LadiPage key a key fully controll...
CVE-2023-4248
The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.33.3. This is due to missing or incorrect nonce validation on the givestripedisconnectconnectstripeaccount function. This makes it possible for unauthenticated attackers to deactivate t...
CVE-2023-4455
Cross-Site Request Forgery CSRF in GitHub repository wallabag/wallabag prior to 2.6.3...
CVE-2023-4869
A vulnerability was found in SourceCodester Contact Manager App 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file update.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been...