Total
7170 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-47644 | 1 Metagauss | 1 Profilegrid | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in profilegrid ProfileGrid – User Profiles, Memberships, Groups and Communities.This issue affects ProfileGrid – User Profiles, Memberships, Groups and Communities: from n/a through 5.6.6. | ||||
| CVE-2023-47578 | 1 Relyum | 4 Rely-pcie, Rely-pcie Firmware, Rely-rec and 1 more | 2024-11-21 | 8.8 High |
| Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery (CSRF) attacks due to the absence of CSRF protection in the web interface. | ||||
| CVE-2023-47556 | 1 Jamesmehorter | 1 Device Theme Switcher | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in James Mehorter Device Theme Switcher.This issue affects Device Theme Switcher: from n/a through 3.0.2. | ||||
| CVE-2023-47553 | 1 Userlocal | 1 Userheat Plugin | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in User Local Inc UserHeat Plugin.This issue affects UserHeat Plugin: from n/a through 1.1.6. | ||||
| CVE-2023-47552 | 1 Webdevocean | 1 Image Hover Effects | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Labib Ahmed Image Hover Effects – WordPress Plugin.This issue affects Image Hover Effects – WordPress Plugin: from n/a through 5.5. | ||||
| CVE-2023-47551 | 1 Rednao | 1 Donations Made Easy - Smart Donations | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in RedNao Donations Made Easy – Smart Donations.This issue affects Donations Made Easy – Smart Donations: from n/a through 4.0.12. | ||||
| CVE-2023-47550 | 1 Rednao | 1 Donations Made Easy - Smart Donations | 2024-11-21 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in RedNao Donations Made Easy – Smart Donations allows Stored XSS.This issue affects Donations Made Easy – Smart Donations: from n/a through 4.0.12. | ||||
| CVE-2023-47531 | 1 Droitthemes | 1 Droit Dark Mode | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in DroitThemes Droit Dark Mode.This issue affects Droit Dark Mode: from n/a through 1.1.2. | ||||
| CVE-2023-47519 | 1 Wcproducttable | 1 Woocommerce Product Table Lite | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WC Product Table WooCommerce Product Table Lite.This issue affects WooCommerce Product Table Lite: from n/a through 2.6.2. | ||||
| CVE-2023-47516 | 1 Starkdigital | 1 Category Post List Widget | 2024-11-21 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Stark Digital Category Post List Widget allows Stored XSS.This issue affects Category Post List Widget: from n/a through 2.0. | ||||
| CVE-2023-47326 | 1 Silverpeas | 1 Silverpeas | 2024-11-21 | 8.8 High |
| Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) via the Domain SQL Create function. | ||||
| CVE-2023-47322 | 1 Silverpeas | 1 Silverpeas | 2024-11-21 | 8.8 High |
| The "userModify" feature of Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) leading to privilege escalation. If an administrator goes to a malicious URL while being authenticated to the Silverpeas application, the CSRF with execute making the attacker an administrator user in the application. | ||||
| CVE-2023-47243 | 1 Codemshop | 1 Mshop My Site | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in CodeMShop 코드엠샵 마이사이트 – MSHOP MY SITE.This issue affects 코드엠샵 마이사이트 – MSHOP MY SITE: from n/a through 1.1.6. | ||||
| CVE-2023-47186 | 1 Kadencewp | 1 Kadence Woocommerce Email Designer | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Kadence WP Kadence WooCommerce Email Designer plugin <= 1.5.11 versions. | ||||
| CVE-2023-47182 | 1 Nazmulhossainnihal | 1 Login Screen Manager | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) leading to a Stored Cross-Site Scripting (XSS) vulnerability in Nazmul Hossain Nihal Login Screen Manager plugin <= 3.5.2 versions. | ||||
| CVE-2023-47024 | 1 Ncratleos | 1 Terminal Handler | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) in NCR Terminal Handler v.1.5.1 leads to a one-click account takeover. This is achieved by exploiting multiple vulnerabilities, including an undisclosed function in the WSDL that has weak security controls and can accept custom content types. | ||||
| CVE-2023-47020 | 1 Ncratleos | 1 Terminal Handler | 2024-11-21 | 8.8 High |
| Multiple Cross-Site Request Forgery (CSRF) chaining in NCR Terminal Handler v.1.5.1 allows privileges to be escalated by an attacker through a crafted request involving user account creation and adding the user to an administrator group. This is exploited by an undisclosed function in the WSDL that lacks security controls and can accept custom content types. | ||||
| CVE-2023-47014 | 1 Remyandrade | 1 Sticky Notes App | 2024-11-21 | 6.5 Medium |
| A Cross-Site Request Forgery (CSRF) vulnerability in Sourcecodester Sticky Notes App Using PHP with Source Code v.1.0 allows a local attacker to obtain sensitive information via a crafted payload to add-note.php. | ||||
| CVE-2023-46781 | 1 Rolandmurg | 1 Current Menu Item For Custom Post Types | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Roland Murg Current Menu Item for Custom Post Types plugin <= 1.5 versions. | ||||
| CVE-2023-46780 | 1 Altersoftware | 1 Alter | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Alter plugin <= 1.0 versions. | ||||