Total
5841 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-51528 | 2024-02-29 | N/A | 4.3 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in Senol Sahin AI Power: Complete AI Pack – Powered by GPT-4.This issue affects AI Power: Complete AI Pack – Powered by GPT-4: from n/a through 1.8.12. | |||||
CVE-2024-25932 | 2024-02-29 | N/A | 4.3 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in Manish Kumar Agarwal Change Table Prefix.This issue affects Change Table Prefix: from n/a through 2.0. | |||||
CVE-2024-24708 | 2024-02-29 | N/A | 4.3 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in W3speedster W3SPEEDSTER.This issue affects W3SPEEDSTER: from n/a through 7.19. | |||||
CVE-2024-24701 | 2024-02-29 | N/A | 4.3 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in Native Grid LLC A no-code page builder for beautiful performance-based content.This issue affects A no-code page builder for beautiful performance-based content: from n/a through 2.1.20. | |||||
CVE-2024-25982 | 2024-02-29 | N/A | 4.3 MEDIUM | ||
The link to update all installed language packs did not include the necessary token to prevent a CSRF risk. | |||||
CVE-2024-22287 | 1 Ludek | 1 Better Anchor Links | 2024-02-29 | N/A | 6.1 MEDIUM |
Cross-Site Request Forgery (CSRF) vulnerability in Luděk Melichar Better Anchor Links allows Cross-Site Scripting (XSS).This issue affects Better Anchor Links: from n/a through 1.7.5. | |||||
CVE-2023-51535 | 1 Cleantalk | 1 Spam Protection\, Antispam\, Firewall | 2024-02-29 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in СleanTalk - Anti-Spam Protection Spam protection, Anti-Spam, FireWall by CleanTalk.This issue affects Spam protection, Anti-Spam, FireWall by CleanTalk: from n/a through 6.20. | |||||
CVE-2023-49853 | 1 Paytr | 1 Paytr Taksit Tablosu - Woocommerce | 2024-02-29 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in PayTR Ödeme ve Elektronik Para Kuruluşu A.Ş. PayTR Taksit Tablosu – WooCommerce.This issue affects PayTR Taksit Tablosu – WooCommerce: from n/a through 1.3.1. | |||||
CVE-2023-47243 | 1 Codemshop | 1 Mshop My Site | 2024-02-29 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in CodeMShop 코드엠샵 마이사이트 – MSHOP MY SITE.This issue affects 코드엠샵 마이사이트 – MSHOP MY SITE: from n/a through 1.1.6. | |||||
CVE-2023-34169 | 1 Sakura | 1 Ts Webfonts For Sakura | 2024-02-29 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in SAKURA Internet Inc. TS Webfonts for さくらのレンタルサーバ plugin <= 3.1.2 versions. | |||||
CVE-2023-25987 | 1 Urosevic | 1 My Youtube Channel | 2024-02-29 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in Aleksandar Urošević My YouTube Channel plugin <= 3.23.3 versions. | |||||
CVE-2023-50930 | 1 Savignano | 1 S-notify | 2024-02-28 | N/A | 7.1 HIGH |
An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a malicious website. If executed while an administrator is logged on to Jira, an attacker could exploit this to modify the configuration of the S/Notify app on that host. This can, in particular, lead to email notifications being no longer encrypted when they should be. | |||||
CVE-2017-11455 | 2 Ivanti, Pulsesecure | 3 Connect Secure, Pulse Connect Secure, Pulse Policy Secure | 2024-02-27 | 6.8 MEDIUM | 8.8 HIGH |
diag.cgi in Pulse Connect Secure 8.2R1 through 8.2R5, 8.1R1 through 8.1R10 and Pulse Policy Secure 5.3R1 through 5.3R5, 5.2R1 through 5.2R8, and 5.1R1 through 5.1R10 allow remote attackers to hijack the authentication of administrators for requests to start tcpdump, related to the lack of anti-CSRF tokens. | |||||
CVE-2024-24798 | 2024-02-22 | N/A | 4.3 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in SoniNow Team Debug.This issue affects Debug: from n/a through 1.10. | |||||
CVE-2024-25905 | 2024-02-22 | N/A | 5.4 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in Mondula GmbH Multi Step Form.This issue affects Multi Step Form: from n/a through 1.7.18. | |||||
CVE-2024-24802 | 2024-02-22 | N/A | 4.3 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in John Tendik JTRT Responsive Tables.This issue affects JTRT Responsive Tables: from n/a through 4.1.9. | |||||
CVE-2024-24876 | 2024-02-22 | N/A | 4.3 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in Janis Elsts Admin Menu Editor.This issue affects Admin Menu Editor: from n/a through 1.12. | |||||
CVE-2024-24872 | 2024-02-22 | N/A | 4.3 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in Themify Themify Builder.This issue affects Themify Builder: from n/a through 7.0.5. | |||||
CVE-2024-24843 | 2024-02-22 | N/A | 7.1 HIGH | ||
Cross-Site Request Forgery (CSRF) vulnerability in PowerPack Addons for Elementor PowerPack Pro for Elementor.This issue affects PowerPack Pro for Elementor: from n/a before 2.10.8. | |||||
CVE-2024-24837 | 2024-02-22 | N/A | 4.3 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in Frédéric GILLES FG PrestaShop to WooCommerce, Frédéric GILLES FG Drupal to WordPress, Frédéric GILLES FG Joomla to WordPress.This issue affects FG PrestaShop to WooCommerce: from n/a through 4.44.3; FG Drupal to WordPress: from n/a through 3.67.0; FG Joomla to WordPress: from n/a through 4.15.0. |