366 matches found
PT-2023-29894 · Internet Marketing Ninjas · Internal Link Building Plugin
Name of the Vulnerable Software and Affected Versions: Internet Marketing Ninjas Internal Link Building plugin versions = 1.2.3 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing...
PT-2023-29719 · WordPress · Martin Gibson Wp Gotowebinar
Name of the Vulnerable Software and Affected Versions: Martin Gibson WP GoToWebinar plugin versions = 14.45 Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with admin or higher privileges can inject malicious scripts...
PT-2023-29879 · Unknown · Awesome Togi Product Category Tree
Name of the Vulnerable Software and Affected Versions: AWESOME TOGI Product Category Tree plugin versions = 2.5 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the user ...
PT-2023-29845 · WordPress · Chetan Gole Smooth Scroll Links
Name of the Vulnerable Software and Affected Versions: Chetan Gole Smooth Scroll Links SSL plugin versions = 1.1.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the us...
PT-2023-29478 · Sendpulse · Sendpulse Free Web Push Plugin
Name of the Vulnerable Software and Affected Versions: SendPulse Free Web Push plugin versions = 1.3.1 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...
PT-2023-29723 · Unknown · Xydac Ultimate Taxonomy Manager
Name of the Vulnerable Software and Affected Versions: XYDAC Ultimate Taxonomy Manager plugin versions = 2.0 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing unintended actions on a web...
SB Child List <= 4.5 - Settings Update via CSRF
Description The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2023-44261
Cross-Site Request Forgery CSRF vulnerability in Dinesh Karki Block Plugin Update plugin = 3.3 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Dinesh Karki Block Plugin Update plugin = 3.3 versions...
CVE-2023-44261 WordPress Block Plugin Update Plugin <= 3.3 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Dinesh Karki Block Plugin Update plugin = 3.3 versions...
CVE-2023-44261
CVE-2023-44261 is a CSRF vulnerability in WordPress Block Plugin Update (
WordPress Plugin Block Plugin Update Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
PT-2023-29254 · WordPress · Michael Simpson Add Shortcodes Actions/Filters
Name of the Vulnerable Software and Affected Versions: Michael Simpson Add Shortcodes Actions And Filters plugin versions = 2.0.9 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing...
PT-2023-28123 · WordPress · Ashok Rane Order Delivery Date For Wp E-Commerce
Name of the Vulnerable Software and Affected Versions: Ashok Rane Order Delivery Date for WP e-Commerce plugin versions = 1.2 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing...
PT-2023-15218 · WordPress · The Royal Elementor Addons/Templates
Name of the Vulnerable Software and Affected Versions: P Royal Royal Elementor Addons and Templates plugin versions 1.3.75 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performin...
PT-2023-22213 · WordPress · Fugu Maintenance Switch
Name of the Vulnerable Software and Affected Versions: Fugu Maintenance Switch plugin versions = 1.5.2 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...
PT-2023-28188 · Laposta · Laposta Signup Basic
Name of the Vulnerable Software and Affected Versions: Laposta - Roel Bousardt Laposta Signup Basic plugin versions = 1.4.1 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application th...
PT-2023-19884 · WordPress · Sumo Social Share Boost
Name of the Vulnerable Software and Affected Versions: Sumo Social Share Boost plugin versions = 4.5 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the user is...
PT-2023-20405 · Cage Web Design · Optimize Database After Deleting Revisions
Name of the Vulnerable Software and Affected Versions: CAGE Web Design | Rolf van Gelder Optimize Database after Deleting Revisions plugin versions = 5.1 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended...
PT-2023-26399 · Anshul · Anshul Labs Mobile Address Bar Changer
Name of the Vulnerable Software and Affected Versions: Anshul Labs Mobile Address Bar Changer plugin versions = 3.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...