Export limit exceeded: 20742 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10194 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10194 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-34654 | 1 Freeamigos | 1 Manage Notification E-mails | 2025-02-20 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) in Virgial Berveling's Manage Notification E-mails plugin <= 1.8.2 on WordPress. | ||||
| CVE-2022-26366 | 1 Adrotate Banner Manager Project | 1 Adrotate Banner Manager | 2025-02-20 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) in AdRotate Banner Manager Plugin <= 5.9 on WordPress. | ||||
| CVE-2022-29489 | 1 Sucuri | 1 Security | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Sucuri Security plugin <= 1.8.33 at WordPress leading to Event log entry creation. | ||||
| CVE-2023-37391 | 1 Wpmobilepack | 1 Wordpress Mobile Pack | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WPMobilePack.Com WordPress Mobile Pack – Mobile Plugin for Progressive Web Apps & Hybrid Mobile Apps plugin <= 3.4.1 versions. | ||||
| CVE-2023-34185 | 1 Wordpress Nextgen Galleryview Project | 1 Wordpress Nextgen Galleryview | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in John Brien WordPress NextGen GalleryView plugin <= 0.5.5 versions. | ||||
| CVE-2023-34029 | 1 Disable Wordpress Update Notifications And Auto-update Email Notifications Project | 1 Disable Wordpress Update Notifications And Auto-update Email Notifications | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Prem Tiwari Disable WordPress Update Notifications and auto-update Email Notifications plugin <= 2.3.3 versions. | ||||
| CVE-2023-37968 | 1 Faboba | 1 Falang | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Faboba Falang multilanguage for WordPress plugin <= 1.3.39 versions. | ||||
| CVE-2023-37992 | 1 Presspage | 1 Smarty For Wordpress | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin <= 3.1.35 versions. | ||||
| CVE-2023-37996 | 1 Gtmetrix | 1 Gtmetrix | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in GTmetrix GTmetrix for WordPress plugin <= 0.4.7 versions. | ||||
| CVE-2023-44233 | 1 Fooplugins | 1 Foogallery | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in FooPlugins Best WordPress Gallery Plugin – FooGallery plugin <= 2.2.44 versions. | ||||
| CVE-2023-41694 | 1 Realbig | 1 Realbig | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Realbig Team Realbig For WordPress plugin <= 1.0.3 versions. | ||||
| CVE-2023-45052 | 1 Dan009 | 1 Wp Bing Map Pro | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in dan009 WP Bing Map Pro plugin < 5.0 versions. | ||||
| CVE-2023-41131 | 1 Followingmedarling | 1 Spotify Play Button | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Jonk @ Follow me Darling Sp*tify Play Button for WordPress plugin <= 2.10 versions. | ||||
| CVE-2023-45831 | 1 Pixelative | 1 Google Amp | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Pixelative, Mohsin Rafique AMP WP – Google AMP For WordPress plugin <= 1.5.15 versions. | ||||
| CVE-2023-5802 | 1 Wpknowledgebase | 1 Wp Knowledgebase | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Mihai Iova WordPress Knowledge base & Documentation Plugin – WP Knowledgebase plugin <= 1.3.4 versions. | ||||
| CVE-2025-0865 | 2025-02-19 | 6.5 Medium | ||
| The WP Media Category Management plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.0 to 2.3.3. This is due to missing or incorrect nonce validation on the wp_mcm_handle_action_settings() function. This makes it possible for unauthenticated attackers to alter plugin settings, such as the taxonomy used for media, the base slug for media categories, and the default media category via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2023-0498 | 1 Hasthemes | 1 Wp Education | 2025-02-19 | 4.3 Medium |
| The WP Education WordPress plugin before 1.2.7 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack | ||||
| CVE-2023-0335 | 1 Wpvar | 1 Wp Shamsi | 2025-02-19 | 6.5 Medium |
| The WP Shamsi WordPress plugin through 4.3.3 has CSRF and broken access control vulnerabilities which leads user with role as low as subscriber delete attachment. | ||||
| CVE-2023-0336 | 1 Ooohboi Steroids For Elementor Project | 1 Ooohboi Steroids For Elementor | 2025-02-19 | 6.5 Medium |
| The OoohBoi Steroids for Elementor WordPress plugin before 2.1.5 has CSRF and broken access control vulnerabilities which leads user with role as low as subscriber to delete attachment. | ||||
| CVE-2023-1089 | 1 Hasthemes | 1 Coupon Zen | 2025-02-19 | 4.3 Medium |
| The Coupon Zen WordPress plugin before 1.0.6 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack | ||||