CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Anti-Spam: Spam Protection | Block Spam Users, Comments, Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2024.7. This is due to missing or incorrect nonce validation in the 'ssoptionmaint.php' and 'ssuserfilterlist' files. This make...

5.4CVSS0.00058EPSS

Exploits0References5

RedhatCVE•added 2025/05/23 10:42 a.m.•4 views

CVE-2024-8477

The Newsletter, SMTP, Email marketing and Subscribe forms by Brevo formely Sendinblue plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.87. This is due to missing or incorrect nonce validation on the Init function. This makes it possible fo...

4.3CVSS6.5AI score0.00213EPSS

Exploits0References1

Vulnrichment•added 2023/07/01 5:33 a.m.•6 views

CVE-2021-4400

The Better Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.5.2. This is due to missing or incorrect nonce validation on the bsearchprocesssettingsimport and bsearchprocesssettingsexport functions. This makes it possible for unauthenticat...

4.3CVSS6.5AI score0.00193EPSS

Exploits0References9

Vulnrichment•added 2023/02/07 9:5 p.m.•9 views

CVE-2023-0728

The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajaxsavefolder function. This makes it possible for unauthenticated attackers to invoke this function via forg...

5.4CVSS5.2AI score0.00094EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by