Total
7170 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-53754 | 2024-12-02 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Arrow Design Out Of Stock Badge allows Cross Site Request Forgery.This issue affects Out Of Stock Badge: from n/a through 1.3.1. | ||||
| CVE-2024-53755 | 2024-12-02 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Andrea Pernici Third Party Cookie Eraser allows Stored XSS.This issue affects Third Party Cookie Eraser: from n/a through 1.0.2. | ||||
| CVE-2024-53761 | 2024-12-02 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in P. Roy WP Revisions Manager allows Cross Site Request Forgery.This issue affects WP Revisions Manager: from n/a through 1.0.2. | ||||
| CVE-2024-53765 | 2024-12-02 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Think201 Mins To Read allows Stored XSS.This issue affects Mins To Read: from n/a through 1.2.2. | ||||
| CVE-2024-53769 | 2024-12-02 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Ludovic RIAUDEL Custom Post Type to Map Store allows Stored XSS.This issue affects Custom Post Type to Map Store: from n/a through 1.1.0. | ||||
| CVE-2024-53770 | 2024-12-02 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Peter MacIntyre RingCentral Communications allows Stored XSS.This issue affects RingCentral Communications: from n/a through 1.6.1. | ||||
| CVE-2024-53775 | 2024-12-02 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in TannerRitchie Web Applications/DancePress DancePress (TRWA) allows Cross Site Request Forgery.This issue affects DancePress (TRWA): from n/a through 3.1.11. | ||||
| CVE-2024-53777 | 2024-12-02 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Alberto Reineri Simple Header and Footer allows Stored XSS.This issue affects Simple Header and Footer: from n/a through 1.0.0. | ||||
| CVE-2024-53779 | 2024-12-02 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Max Engel Yahoo! WebPlayer allows Stored XSS.This issue affects Yahoo! WebPlayer: from n/a through 2.0.6. | ||||
| CVE-2024-53780 | 2024-12-02 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Rajeev Chauhan Load More Posts allows Stored XSS.This issue affects Load More Posts: from n/a through 1.4.0. | ||||
| CVE-2024-53781 | 2024-12-02 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Home Junction SpatialMatch IDX allows Stored XSS.This issue affects SpatialMatch IDX: from n/a through 3.0.9. | ||||
| CVE-2024-53782 | 2024-12-02 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in CMSaccount Photo Video Store allows Cross-Site Scripting (XSS).This issue affects Photo Video Store: from n/a through 21.07. | ||||
| CVE-2024-53789 | 2024-12-02 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Ritesh Sanap Advanced What should we write next about allows Stored XSS.This issue affects Advanced What should we write next about: from n/a through 1.0.3. | ||||
| CVE-2024-53793 | 2024-12-02 | 8.2 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in eDoc Intelligence LLC eDoc Easy Tables allows Blind SQL Injection.This issue affects eDoc Easy Tables: from n/a through 1.29. | ||||
| CVE-2024-53776 | 2024-12-02 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Raphael Heide Donate Me allows Stored XSS.This issue affects Donate Me: from n/a through 1.2.5. | ||||
| CVE-2024-51636 | 2024-12-02 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Z.com by GMO GMO Social Connection allows Cross-Site Scripting (XSS). This issue affects GMO Social Connection: from n/a through 1.2. | ||||
| CVE-2024-53778 | 2024-12-01 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Essential Marketer Essential Breadcrumbs allows Stored XSS.This issue affects Essential Breadcrumbs: from n/a through 1.1.1. | ||||
| CVE-2024-53750 | 2024-12-01 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Maeve Lander PayPal Responder allows Stored XSS.This issue affects PayPal Responder: from n/a through 1.2. | ||||
| CVE-2018-0255 | 1 Cisco | 1 Ios | 2024-11-29 | N/A |
| A vulnerability in the device manager web interface of Cisco Industrial Ethernet Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected system. The vulnerability is due to insufficient CSRF protection by the device manager web interface. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link or visit an attacker-controlled website. A successful exploit could allow the attacker to submit arbitrary requests to an affected device via the device manager web interface with the privileges of the user. This vulnerability affects the following Cisco Industrial Ethernet (IE) Switches if they are running a vulnerable release of Cisco IOS Software: IE 2000 Series, IE 2000U Series, IE 3000 Series, IE 3010 Series, IE 4000 Series, IE 4010 Series, IE 5000 Series. Cisco Bug IDs: CSCvc96405. | ||||
| CVE-2018-0259 | 1 Cisco | 1 Mate Collector | 2024-11-29 | N/A |
| A vulnerability in the web-based management interface of Cisco MATE Collector could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user. Cisco Bug IDs: CSCvh31222. | ||||