Total
5841 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-49920 | 1 Apache | 1 Airflow | 2023-12-28 | N/A | 6.5 MEDIUM |
Apache Airflow, versions 2.7.0 through 2.7.3, has a vulnerability that allows an attacker to trigger a DAG in a GET request without CSRF validation. As a result, it was possible for a malicious website opened in the same browser - by the user who also had Airflow UI opened - to trigger the execution of DAGs without the user's consent. Users are advised to upgrade to version 2.8.0 or later, which is not affected. | |||||
CVE-2021-21675 | 1 Jenkins | 1 Requests | 2023-12-27 | 4.3 MEDIUM | 6.5 MEDIUM |
A cross-site request forgery (CSRF) vulnerability in Jenkins requests-plugin Plugin 2.2.12 and earlier allows attackers to create requests and/or have administrators apply pending requests. | |||||
CVE-2021-21655 | 1 Jenkins | 1 P4 | 2023-12-27 | 5.8 MEDIUM | 7.1 HIGH |
A cross-site request forgery (CSRF) vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password. | |||||
CVE-2023-49821 | 1 Livechat | 1 Livechat | 2023-12-27 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in LiveChat LiveChat – WP live chat plugin for WordPress. This issue affects LiveChat – WP live chat plugin for WordPress: from n/a through 4.5.15. | |||||
CVE-2023-46212 | 1 Wpvnteam | 1 Wp Extra | 2023-12-22 | N/A | 8.8 HIGH |
Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in TienCOP WP EXtra allows Accessing Functionality Not Properly Constrained by ACLs, Cross Site Request Forgery. This issue affects WP EXtra: from n/a through 6.2. | |||||
CVE-2023-48751 | 1 Xnau | 1 Participants Database | 2023-12-22 | N/A | 8.8 HIGH |
Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in Roland Barker, xnau webdesign Participants Database allows Accessing Functionality Not Properly Constrained by ACLs, Cross Site Request Forgery. This issue affects Participants Database: from n/a through 2.5.5. | |||||
CVE-2022-27214 | 1 Jenkins | 1 Release Helper | 2023-12-22 | 4.0 MEDIUM | 4.3 MEDIUM |
A cross-site request forgery (CSRF) vulnerability in Jenkins Release Helper Plugin 1.3.3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials. | |||||
CVE-2022-29050 | 1 Jenkins | 1 Publish Over Ftp | 2023-12-22 | 6.8 MEDIUM | 8.8 HIGH |
A cross-site request forgery (CSRF) vulnerability in Jenkins Publish Over FTP Plugin 1.16 and earlier allows attackers to connect to an FTP server using attacker-specified credentials. | |||||
CVE-2022-30946 | 1 Jenkins | 1 Script Security | 2023-12-22 | 4.3 MEDIUM | 4.3 MEDIUM |
A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver. | |||||
CVE-2022-30930 | 1 Phpgurukul | 1 Tourism Management System | 2023-12-22 | 4.3 MEDIUM | 4.3 MEDIUM |
Tourism Management System Version: V 3.2 is affected by: Cross Site Request Forgery (CSRF). | |||||
CVE-2023-47787 | 1 Automattic | 1 Woocommerce Bookings | 2023-12-22 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Bookings. This issue affects WooCommerce Bookings: from n/a through 2.0.3. | |||||
CVE-2023-47789 | 1 Automattic | 1 Canada Post Shipping Method | 2023-12-22 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Canada Post Shipping Method. This issue affects Canada Post Shipping Method: from n/a through 2.8.3. | |||||
CVE-2023-49163 | 1 Mtrv | 1 Teachpress | 2023-12-22 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in Michael Winkler teachPress. This issue affects teachPress: from n/a through 9.0.5. | |||||
CVE-2023-49164 | 1 Oceanwp | 1 Ocean Extra | 2023-12-22 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in OceanWP Ocean Extra. This issue affects Ocean Extra: from n/a through 2.2.2. | |||||
CVE-2023-48768 | 1 Codeastrology | 1 Quantity Plus Minus Button For Woocommerce | 2023-12-22 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in CodeAstrology Team Quantity Plus Minus Button for WooCommerce by CodeAstrology. This issue affects Quantity Plus Minus Button for WooCommerce by CodeAstrology: from n/a through 1.1.9. | |||||
CVE-2023-48772 | 1 Arulprasadj | 1 Prevent Landscape Rotation | 2023-12-22 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in Arul Prasad J Prevent Landscape Rotation. This issue affects Prevent Landscape Rotation: from n/a through 2.0. | |||||
CVE-2023-48769 | 1 Bluecoral | 1 Chat Bubble | 2023-12-22 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in Blue Coral Chat Bubble – Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back. This issue affects Chat Bubble – Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back: from n/a through 2.3. | |||||
CVE-2023-48773 | 1 Wpdoctor | 1 Woocommerce Login Redirect | 2023-12-22 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in WP Doctor WooCommerce Login Redirect. This issue affects WooCommerce Login Redirect: from n/a through 2.2.4. | |||||
CVE-2023-48778 | 1 Villatheme | 1 Product Size Chart For Woocommerce | 2023-12-22 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Product Size Chart For WooCommerce. This issue affects Product Size Chart For WooCommerce: from n/a through 1.1.5. | |||||
CVE-2023-48781 | 1 Marketingrapel | 1 Mkrapel Regiones Y Ciudades De Chile Para Wc | 2023-12-22 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in Marketing Rapel MkRapel Regiones y Ciudades de Chile para WC. This issue affects MkRapel Regiones y Ciudades de Chile para WC: from n/a through 4.3.0. |