Total
5841 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-51525 | 2024-03-15 | N/A | N/A | ||
Cross-Site Request Forgery (CSRF) vulnerability in Veribo, Roland Murg WP Simple Booking Calendar.This issue affects WP Simple Booking Calendar: from n/a through 2.0.8.4. | |||||
CVE-2024-28195 | 2024-03-13 | N/A | 8.1 HIGH | ||
your_spotify is an open source, self hosted Spotify tracking dashboard. YourSpotify versions < 1.9.0 do not protect the API and login flow against Cross-Site Request Forgery (CSRF). Attackers can use this to execute CSRF attacks on victims, allowing them to retrieve, modify or delete data on the affected YourSpotify instance. Using repeated CSRF attacks, it is also possible to create a new user on the victim instance and promote the new user to instance administrator if a legitimate administrator visits a website prepared by an attacker. Note: Real-world exploitability of this vulnerability depends on the browser version and browser settings in use by the victim. This issue has been addressed in version 1.9.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
CVE-2024-2416 | 2024-03-13 | N/A | 6.5 MEDIUM | ||
Cross-Site Request Forgery vulnerability in Movistar's 4G router affecting version ES_WLD71-T1_v2.0.201820. This vulnerability allows an attacker to force an end user to execute unwanted actions in a web application in which they are currently authenticated. | |||||
CVE-2023-28949 | 1 Ibm | 2 Engineering Requirements Management Doors, Engineering Requirements Management Doors Web Access | 2024-03-07 | N/A | 6.5 MEDIUM |
IBM Engineering Requirements Management DOORS 9.7.2.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 251216. | |||||
CVE-2021-31152 | 1 Multilaser | 2 Ac1200 Re018, Ac1200 Re018 Firmware | 2024-03-03 | 6.8 MEDIUM | 8.8 HIGH |
Multilaser Router AC1200 V02.03.01.45_pt contains a cross-site request forgery (CSRF) vulnerability. An attacker can enable remote access, change passwords, and perform other actions through misconfigured requests, entries, and headers. | |||||
CVE-2024-27948 | 2024-02-29 | N/A | 5.4 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in bytesforall Atahualpa.This issue affects Atahualpa: from n/a through 3.7.24. | |||||
CVE-2024-24705 | 2024-02-29 | N/A | 5.4 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in Octa Code Accessibility.This issue affects Accessibility: from n/a through 1.0.6. | |||||
CVE-2024-21749 | 2024-02-29 | N/A | 5.4 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in Atakan Au 1 click disable all.This issue affects 1 click disable all: from n/a through 1.0.1. | |||||
CVE-2023-52223 | 2024-02-29 | N/A | 5.4 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in MailerLite MailerLite – WooCommerce integration.This issue affects MailerLite – WooCommerce integration: from n/a through 2.0.8. | |||||
CVE-2023-51683 | 2024-02-29 | N/A | 5.4 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Easy PayPal & Stripe Buy Now Button.This issue affects Easy PayPal & Stripe Buy Now Button: from n/a through 1.8.1. | |||||
CVE-2023-51681 | 2024-02-29 | N/A | 6.5 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in Duplicator Duplicator – WordPress Migration & Backup Plugin.This issue affects Duplicator – WordPress Migration & Backup Plugin: from n/a through 1.5.7. | |||||
CVE-2024-24702 | 2024-02-29 | N/A | 4.3 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in Matt Martz & Andy Stratton Page Restrict.This issue affects Page Restrict: from n/a through 2.5.5. | |||||
CVE-2023-51533 | 2024-02-29 | N/A | 5.4 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart.This issue affects Ecwid Ecommerce Shopping Cart: from n/a through 6.12.4. | |||||
CVE-2023-52226 | 2024-02-29 | N/A | 4.3 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in Advanced Flamingo.This issue affects Advanced Flamingo: from n/a through 1.0. | |||||
CVE-2024-21752 | 2024-02-29 | N/A | 7.1 HIGH | ||
Cross-Site Request Forgery (CSRF) vulnerability in Ernest Marcinko Ajax Search Lite allows Reflected XSS.This issue affects Ajax Search Lite: from n/a through 4.11.4. | |||||
CVE-2023-51530 | 2024-02-29 | N/A | 4.3 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in GS Plugins Logo Slider – Logo Showcase, Logo Carousel, Logo Gallery and Client Logo Presentation.This issue affects Logo Slider – Logo Showcase, Logo Carousel, Logo Gallery and Client Logo Presentation: from n/a through 3.5.1. | |||||
CVE-2023-51529 | 2024-02-29 | N/A | 4.3 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Mega – Absolute Addons For Elementor.This issue affects HT Mega – Absolute Addons For Elementor: from n/a through 2.3.3. | |||||
CVE-2024-25930 | 2024-02-29 | N/A | 4.3 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in Nuggethon Custom Order Statuses for WooCommerce.This issue affects Custom Order Statuses for WooCommerce: from n/a through 1.5.2. | |||||
CVE-2023-51531 | 2024-02-29 | N/A | 5.4 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in Thrive Themes Thrive Automator.This issue affects Thrive Automator: from n/a through 1.17. | |||||
CVE-2024-25931 | 2024-02-29 | N/A | 4.3 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in Heureka Group Heureka.This issue affects Heureka: from n/a through 1.0.8. |