Total
7170 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-2549 | 1 Featherplugins | 1 Feather Login Page | 2025-01-13 | 8.8 High |
| The Feather Login Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions starting from 1.0.7 up to, and including, 1.1.1. This is due to missing nonce validation in the 'createTempAccountLink' function. This makes it possible for unauthenticated attackers to create a new user with administrator role via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. An attacker can leverage CVE-2023-2545 to get the login link or request a password reset to the new user's email address. | ||||
| CVE-2022-30544 | 1 Hyumika | 1 Openstreetmap | 2025-01-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) in MiKa's OSM – OpenStreetMap plugin <= 6.0.1 versions. | ||||
| CVE-2022-36401 | 1 Standalonetech | 1 Terawallet | 2025-01-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in TeraWallet – For WooCommerce plugin <= 1.3.24 versions. | ||||
| CVE-2022-44585 | 1 Magneticlab | 1 Homepage Pop-up | 2025-01-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Magneticlab Sàrl Homepage Pop-up plugin <= 1.2.5 versions. | ||||
| CVE-2022-40692 | 1 Sunshinephotocart | 1 Sunshine Photo Cart | 2025-01-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WP Sunshine Sunshine Photo Cart plugin <= 2.9.13 versions. | ||||
| CVE-2022-45067 | 1 Devscred | 1 Exclusive Addons For Elementor | 2025-01-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in DevsCred Exclusive Addons Elementor plugin <= 2.6.1 versions. | ||||
| CVE-2022-45807 | 1 Wpvibes | 1 Wp Mail Log | 2025-01-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) in WPVibes WP Mail Log plugin <= 1.0.1 versions. | ||||
| CVE-2022-46815 | 1 Wptrio | 1 Conditional Shipping For Woocommerce | 2025-01-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Lauri Karisola / WP Trio Conditional Shipping for WooCommerce plugin <= 2.3.1 versions. | ||||
| CVE-2022-46842 | 1 Wiselyhub | 1 Js Help Desk | 2025-01-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in JS Help Desk plugin <= 2.7.1 versions. | ||||
| CVE-2022-27628 | 1 Wzone Project | 1 Wzone | 2025-01-13 | 4.7 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in AA-Team WZone – Lite Version plugin 3.1 Lite versions. | ||||
| CVE-2022-41620 | 1 Seosamba | 1 Seosamba | 2025-01-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in SeoSamba for WordPress Webmasters plugin <= 1.0.5 versions. | ||||
| CVE-2022-41134 | 1 Optinly | 1 Optinly | 2025-01-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) in OptinlyHQ Optinly – Exit Intent, Newsletter Popups, Gamification & Opt-in Forms plugin <= 1.0.15 versions. | ||||
| CVE-2022-43469 | 1 Orchestrated | 1 Corona Virus \(covid-19\) Banner \& Live Data | 2025-01-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Orchestrated Corona Virus (COVID-19) Banner & Live Data plugin <= 1.7.0.6 versions. | ||||
| CVE-2023-25066 | 1 Foliovision | 1 Fv Flowplayer Video Player | 2025-01-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in FolioVision FV Flowplayer Video Player plugin <= 7.5.30.7212 versions. | ||||
| CVE-2023-25065 | 1 Shapedplugin | 1 Wp Tabs | 2025-01-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ShapedPlugin WP Tabs – Responsive Tabs Plugin for WordPress plugin <= 2.1.14 versions. | ||||
| CVE-2023-24377 | 1 Lightspeedhq | 1 Ecwid Ecommerce Shopping Cart | 2025-01-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart plugin <= 6.11.3 versions. | ||||
| CVE-2022-46862 | 1 Expresstech | 1 Quiz And Survey Master | 2025-01-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin <= 8.0.7 versions. | ||||
| CVE-2023-24382 | 1 Material Design Icons For Page Builders Project | 1 Material Design Icons For Page Builders | 2025-01-13 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Photon WP Material Design Icons for Page Builders plugin <= 1.4.2 versions. | ||||
| CVE-2023-23899 | 1 Hasthemes | 1 Extensions For Cf7 | 2025-01-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Extensions For CF7 plugin <= 2.0.8 versions leads to arbitrary plugin activation. | ||||
| CVE-2023-23659 | 1 Mainwp | 1 Motomo | 2025-01-13 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in MainWP Matomo Extension <= 4.0.4 versions. | ||||