Total
7170 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-46779 | 1 Easyrecipe Project | 1 Easyrecipe | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in EasyRecipe plugin <= 3.5.3251 versions. | ||||
| CVE-2023-46778 | 1 Thefreewindows | 1 Auto Limit Posts Reloaded | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in TheFreeWindows Auto Limit Posts Reloaded plugin <= 2.5 versions. | ||||
| CVE-2023-46777 | 1 Featherplugins | 1 Custom Login Page \| Temporary Users \| Rebrand Login \| Login Captcha | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Custom Login Page | Temporary Users | Rebrand Login | Login Captcha plugin <= 1.1.3 versions. | ||||
| CVE-2023-46776 | 1 Josie | 1 Auto Excerpt Everywhere | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Serena Villa Auto Excerpt everywhere plugin <= 1.5 versions. | ||||
| CVE-2023-46775 | 1 Zixn | 1 Original Texts Yandex Webmaster | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Djo Original texts Yandex WebMaster plugin <= 1.18 versions. | ||||
| CVE-2023-46699 | 1 Weseek | 1 Growi | 2024-11-21 | 4.3 Medium |
| Cross-site request forgery (CSRF) vulnerability exists in the User settings (/me) page of GROWI versions prior to v6.0.0. If a user views a malicious page while logging in, settings may be changed without the user's intention. | ||||
| CVE-2023-46638 | 1 Webcodin | 1 Wcp Openweather | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Webcodin WCP OpenWeather plugin <= 2.5.0 versions. | ||||
| CVE-2023-46636 | 1 Blackbam | 1 Custom Header Images | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in David Stöckl Custom Header Images plugin <= 1.2.1 versions. | ||||
| CVE-2023-46634 | 1 Phoeniixx | 1 Custom My Account For Woocommerce | 2024-11-21 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in phoeniixx Custom My Account for Woocommerce allows Cross-Site Scripting (XSS).This issue affects Custom My Account for Woocommerce: from n/a through 2.1. | ||||
| CVE-2023-46629 | 1 Themelocation | 1 Remove Add To Cart Woocommerce | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in themelocation Remove Add to Cart WooCommerce plugin <= 1.4.4. | ||||
| CVE-2023-46625 | 1 Daext | 1 Autolinks Manager | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in DAEXT Autolinks Manager plugin <= 1.10.04 versions. | ||||
| CVE-2023-46620 | 1 Fluenx | 1 Deepl Api Translation | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Fluenx DeepL API translation plugin <= 2.3.9.1 versions. | ||||
| CVE-2023-46619 | 1 Web-dorado | 1 Wdsocialwidgets | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WebDorado WDSocialWidgets plugin <= 1.0.15 versions. | ||||
| CVE-2023-46618 | 1 Bala-krishna | 1 Category Seo Meta Tags | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Bala Krishna, Sergey Yakovlev Category SEO Meta Tags plugin <= 2.5 versions. | ||||
| CVE-2023-46617 | 1 Wpfoxly | 1 Adfoxly | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in AdFoxly AdFoxly – Ad Manager, AdSense Ads & Ads.Txt.This issue affects AdFoxly – Ad Manager, AdSense Ads & Ads.Txt: from n/a through 1.8.5. | ||||
| CVE-2023-46614 | 1 Matbao | 1 Wp Helper Premium | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Mat Bao Corp WP Helper Premium plugin <= 4.5.1 versions. | ||||
| CVE-2023-46375 | 1 Zentao | 1 Biz | 2024-11-21 | 8.8 High |
| ZenTao Biz version 4.1.3 and before is vulnerable to Cross Site Request Forgery (CSRF). | ||||
| CVE-2023-46242 | 1 Xwiki | 1 Xwiki | 2024-11-21 | 9.7 Critical |
| XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible to execute a content with the right of any user via a crafted URL. A user must have `programming` privileges in order to exploit this vulnerability. This issue has been patched in XWiki 14.10.7 and 15.2RC1. Users are advised to upgrade. There are no known workarounds for for this vulnerability. | ||||
| CVE-2023-46212 | 1 Wpvnteam | 1 Wp Extra | 2024-11-21 | 6.3 Medium |
| Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in TienCOP WP EXtra allows Accessing Functionality Not Properly Constrained by ACLs, Cross Site Request Forgery.This issue affects WP EXtra: from n/a through 6.2. | ||||
| CVE-2023-46204 | 1 Mullerdigital | 1 Duplicate Theme | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Muller Digital Inc. Duplicate Theme plugin <= 0.1.6 versions. | ||||