Total
5841 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-49854 | 1 Madebytribe | 1 Caddy | 2023-12-20 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Tribe Interactive Caddy – Smart Side Cart for WooCommerce.This issue affects Caddy – Smart Side Cart for WooCommerce: from n/a through 1.9.7. | |||||
| CVE-2023-49855 | 1 Binarycarpenter | 1 Menu Bar Cart Icon For Woocommerce | 2023-12-20 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in BinaryCarpenter Menu Bar Cart Icon For WooCommerce By Binary Carpenter.This issue affects Menu Bar Cart Icon For WooCommerce By Binary Carpenter: from n/a through 1.49.3. | |||||
| CVE-2023-50372 | 1 Wpgogo | 1 Custom Post Type Page Template | 2023-12-20 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Hiroaki Miyashita Custom Post Type Page Template.This issue affects Custom Post Type Page Template: from n/a through 1.1. | |||||
| CVE-2023-49840 | 1 Palscode | 1 Multi Currency For Woocommerce | 2023-12-20 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Palscode Multi Currency For WooCommerce.This issue affects Multi Currency For WooCommerce: from n/a through 1.5.5. | |||||
| CVE-2023-49843 | 1 Quanticedge | 1 First Order Discount Woocommerce | 2023-12-20 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in QuanticEdge First Order Discount Woocommerce.This issue affects First Order Discount Woocommerce: from n/a through 1.21. | |||||
| CVE-2023-49844 | 1 Reviewsignal | 1 Wpperformancetester | 2023-12-20 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Kevin Ohashi WPPerformanceTester.This issue affects WPPerformanceTester: from n/a through 2.0.0. | |||||
| CVE-2023-49834 | 1 Pluginus | 1 Fox - Currency Switcher Professional For Woocommerce | 2023-12-20 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in realmag777 FOX – Currency Switcher Professional for WooCommerce.This issue affects FOX – Currency Switcher Professional for WooCommerce: from n/a through 1.4.1.4. | |||||
| CVE-2023-49824 | 1 Pixelyoursite | 1 Product Catalog Feed | 2023-12-20 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite Product Catalog Feed by PixelYourSite.This issue affects Product Catalog Feed by PixelYourSite: from n/a through 2.1.1. | |||||
| CVE-2023-24380 | 1 Webbjocke | 1 Simple Wp Sitemap | 2023-12-20 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Webbjocke Simple Wp Sitemap.This issue affects Simple Wp Sitemap: from n/a through 1.2.1. | |||||
| CVE-2023-49751 | 1 Getbutterfly | 1 Block For Font Awesome | 2023-12-20 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Popescu Block for Font Awesome.This issue affects Block for Font Awesome: from n/a through 1.4.0. | |||||
| CVE-2023-49769 | 1 Softlabbd | 1 Integrate Google Drive | 2023-12-20 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.4. | |||||
| CVE-2023-48766 | 1 Svgator | 1 Svgator | 2023-12-20 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in SVGator SVGator – Add Animated SVG Easily.This issue affects SVGator – Add Animated SVG Easily: from n/a through 1.2.4. | |||||
| CVE-2023-48762 | 1 Crocoblock | 1 Jetelements For Elementor | 2023-12-20 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.13. | |||||
| CVE-2023-46617 | 1 Wpfoxly | 1 Adfoxly | 2023-12-20 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in AdFoxly AdFoxly – Ad Manager, AdSense Ads & Ads.Txt.This issue affects AdFoxly – Ad Manager, AdSense Ads & Ads.Txt: from n/a through 1.8.5. | |||||
| CVE-2023-49816 | 1 Whereyoursolutionis | 1 Fix My Feed Rss Repair | 2023-12-20 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Innovative Solutions Fix My Feed RSS Repair.This issue affects Fix My Feed RSS Repair: from n/a through 1.4. | |||||
| CVE-2023-50722 | 1 Xwiki | 1 Xwiki | 2023-12-19 | N/A | 8.8 HIGH |
| XWiki Platform is a generic wiki platform. Starting in 2.3 and prior to versions 14.10.15, 15.5.2, and 15.7-rc-1, there is a reflected XSS or also direct remote code execution vulnerability in the code for displaying configurable admin sections. The code that can be passed through a URL parameter is only executed when the user who is visiting the crafted URL has edit right on at least one configuration section. While any user of the wiki could easily create such a section, this vulnerability doesn't require the attacker to have an account or any access on the wiki. It is sufficient to trick any admin user of the XWiki installation to visit the crafted URL. This vulnerability allows full remote code execution with programming rights and thus impacts the confidentiality, integrity and availability of the whole XWiki installation. This has been fixed in XWiki 14.10.15, 15.5.2 and 15.7RC1. The patch can be manually applied to the document `XWiki.ConfigurableClass`. | |||||
| CVE-2023-50870 | 1 Jetbrains | 1 Teamcity | 2023-12-19 | N/A | 8.8 HIGH |
| In JetBrains TeamCity before 2023.11.1 a CSRF on login was possible | |||||
| CVE-2023-50017 | 1 Iteachyou | 1 Dreamer Cms | 2023-12-19 | N/A | 8.8 HIGH |
| Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/database/backup | |||||
| CVE-2023-50775 | 1 Jenkins | 1 Deployment Dashboard | 2023-12-18 | N/A | 4.3 MEDIUM |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Deployment Dashboard Plugin 1.0.10 and earlier allows attackers to copy jobs. | |||||
| CVE-2023-50778 | 1 Jenkins | 1 Paaslane Estimate | 2023-12-18 | N/A | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier allows attackers to connect to an attacker-specified URL using an attacker-specified token. | |||||