Total
5841 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-48328 | 1 Imagely | 1 Nextgen Gallery | 2023-12-06 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Imagely WordPress Gallery Plugin – NextGEN Gallery allows Cross Site Request Forgery.This issue affects WordPress Gallery Plugin – NextGEN Gallery: from n/a through 3.37. | |||||
| CVE-2023-48754 | 1 Wapnepal | 1 Delete Post Revisions | 2023-12-06 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Wap Nepal Delete Post Revisions In WordPress allows Cross Site Request Forgery.This issue affects Delete Post Revisions In WordPress: from n/a through 4.6. | |||||
| CVE-2023-5803 | 1 Businessdirectoryplugin | 1 Business Directory | 2023-12-06 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Business Directory Team Business Directory Plugin – Easy Listing Directories for WordPress allows Cross-Site Request Forgery.This issue affects Business Directory Plugin – Easy Listing Directories for WordPress: from n/a through 6.3.10. | |||||
| CVE-2023-36685 | 1 Brainstormforce | 1 Cartflows | 2023-12-05 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force US LLC CartFlows Pro allows Cross Site Request Forgery.This issue affects CartFlows Pro: from n/a through 1.11.12. | |||||
| CVE-2023-48281 | 1 Superblogme | 1 Broken Link Checker For Youtube | 2023-12-05 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Super Blog Me Broken Link Checker for YouTube allows Cross Site Request Forgery.This issue affects Broken Link Checker for YouTube: from n/a through 1.3. | |||||
| CVE-2023-48913 | 1 Iteachyou | 1 Dreamer Cms | 2023-12-05 | N/A | 8.8 HIGH |
| Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/archives/delete. | |||||
| CVE-2023-48914 | 1 Iteachyou | 1 Dreamer Cms | 2023-12-05 | N/A | 8.8 HIGH |
| Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/archives/add. | |||||
| CVE-2023-48912 | 1 Iteachyou | 1 Dreamer Cms | 2023-12-05 | N/A | 8.8 HIGH |
| Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/archives/edit. | |||||
| CVE-2023-48279 | 1 S-sols | 1 Seraphinite Post .docx Source | 2023-12-05 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Seraphinite Solutions Seraphinite Post .DOCX Source allows Cross Site Request Forgery.This issue affects Seraphinite Post .DOCX Source: from n/a through 2.16.6. | |||||
| CVE-2023-34030 | 1 Really-simple-plugins | 1 Complianz | 2023-12-05 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Complianz, Really Simple Plugins Complianz Premium allows Cross-Site Request Forgery.This issue affects Complianz: from n/a through 6.4.5; Complianz Premium: from n/a through 6.4.7. | |||||
| CVE-2023-36682 | 1 Brainstormforce | 1 Schema Pro | 2023-12-05 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force US LLC Schema Pro allows Cross Site Request Forgery.This issue affects Schema Pro: from n/a through 2.7.7. | |||||
| CVE-2023-47645 | 1 Metagauss | 1 Registrationmagic | 2023-12-05 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in RegistrationMagic RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login allows Cross Site Request Forgery.This issue affects RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login: from n/a through 5.2.2.6. | |||||
| CVE-2023-5772 | 1 Bowo | 1 Debug Log Manager | 2023-12-05 | N/A | 4.3 MEDIUM |
| The Debug Log Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.1. This is due to missing or incorrect nonce validation on the clear_log() function. This makes it possible for unauthenticated attackers to clear the debug log via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | |||||
| CVE-2023-49076 | 1 Pimcore | 1 Pimcore | 2023-12-05 | N/A | 6.5 MEDIUM |
| Customer-data-framework allows management of customer data within Pimcore. There are no tokens or headers to prevent CSRF attacks from occurring, therefore an attacker could abuse this vulnerability to create new customers. This issue has been patched in version 4.0.5. | |||||
| CVE-2023-49673 | 1 Jenkins | 4 Google Compute Engine, Jira, Matlab and 1 more | 2023-12-05 | N/A | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier allows attackers to connect to an attacker-specified hostname and port using attacker-specified username and password. | |||||
| CVE-2023-49655 | 1 Jenkins | 1 Matlab | 2023-12-05 | N/A | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins MATLAB Plugin 2.11.0 and earlier allows attackers to have Jenkins parse an XML file from the Jenkins controller file system. | |||||
| CVE-2023-48744 | 1 Offshorewebmaster | 1 Availability Calendar | 2023-12-05 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Offshore Web Master Availability Calendar allows Cross Site Request Forgery.This issue affects Availability Calendar: from n/a through 1.2.6. | |||||
| CVE-2023-48334 | 1 Daext | 1 League Table | 2023-12-05 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in DAEXT League Table allows Cross Site Request Forgery.This issue affects League Table: from n/a through 1.13. | |||||
| CVE-2023-48331 | 1 Stormhillmedia | 1 Mybook Table Bookstore | 2023-12-05 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Stormhill Media MyBookTable Bookstore by Stormhill Media allows Cross Site Request Forgery.This issue affects MyBookTable Bookstore by Stormhill Media: from n/a through 3.3.4. | |||||
| CVE-2023-48330 | 1 Supremo | 1 Bulk Comment Remove | 2023-12-05 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Mike Strand Bulk Comment Remove allows Cross Site Request Forgery.This issue affects Bulk Comment Remove: from n/a through 2. | |||||