Total
8113 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-45072 | 1 Wpml | 1 Wpml | 2025-02-20 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WPML Multilingual CMS premium plugin <= 4.5.13 on WordPress. | ||||
| CVE-2022-45071 | 1 Wpml | 1 Wpml | 2025-02-20 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WPML Multilingual CMS premium plugin <= 4.5.13 on WordPress. | ||||
| CVE-2022-40192 | 1 Gvectors | 1 Wpforo Forum | 2025-02-20 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in wpForo Forum plugin <= 2.0.9 on WordPress. | ||||
| CVE-2022-40686 | 1 Constantcontact | 1 Creative Mail | 2025-02-20 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Creative Mail plugin <= 1.5.4 on WordPress. | ||||
| CVE-2022-41805 | 1 Booster | 1 Booster For Woocommerce | 2025-02-20 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Booster for WooCommerce plugin <= 5.6.6 on WordPress. | ||||
| CVE-2022-40687 | 1 Constantcontact | 1 Creative Mail | 2025-02-20 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Creative Mail plugin <= 1.5.4 on WordPress. | ||||
| CVE-2022-45073 | 1 Miniorange | 1 Wordpress Rest Api Authentication | 2025-02-20 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in REST API Authentication plugin <= 2.4.0 on WordPress. | ||||
| CVE-2022-44740 | 1 Constantcontact | 1 Creative Mail | 2025-02-20 | 5.4 Medium |
| Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Creative Mail plugin <= 1.5.4 on WordPress. | ||||
| CVE-2022-40695 | 1 Clogica | 1 Seo Redirection | 2025-02-20 | 5.4 Medium |
| Multiple Cross-Site Scripting (CSRF) vulnerabilities in SEO Redirection Plugin plugin <= 8.9 on WordPress. | ||||
| CVE-2022-41685 | 1 Visztpeter | 2 Integration For Szamlazz.hu \& Woocommerce, Package Points And Shipping Labels For Woocommerce | 2025-02-20 | 5.4 Medium |
| Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Viszt Péter's Integration for Szamlazz.hu & WooCommerce plugin <= 5.6.3.2 and Csomagpontok és szállítási címkék WooCommerce-hez plugin <= 1.9.0.2 on WordPress. | ||||
| CVE-2022-41634 | 1 Maxfoundry | 1 Media Library Folders | 2025-02-20 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Media Library Folders plugin <= 7.1.1 on WordPress. | ||||
| CVE-2022-44737 | 1 Tipsandtricks-hq | 1 All In One Wp Security \& Firewall | 2025-02-20 | 5.4 Medium |
| Multiple Cross-Site Request Forgery vulnerabilities in All-In-One Security (AIOS) – Security and Firewall (WordPress plugin) <= 5.1.0 on WordPress. | ||||
| CVE-2022-34654 | 1 Freeamigos | 1 Manage Notification E-mails | 2025-02-20 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) in Virgial Berveling's Manage Notification E-mails plugin <= 1.8.2 on WordPress. | ||||
| CVE-2022-26366 | 1 Adrotate Banner Manager Project | 1 Adrotate Banner Manager | 2025-02-20 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) in AdRotate Banner Manager Plugin <= 5.9 on WordPress. | ||||
| CVE-2022-45824 | 1 Elbtide | 1 Advanced Booking Calendar | 2025-02-20 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Advanced Booking Calendar plugin <= 1.7.1 on WordPress. | ||||
| CVE-2024-2960 | 1 Svs-websoft | 1 Svs Pricing Tables | 2025-02-20 | 4.3 Medium |
| The SVS Pricing Tables plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.4. This is due to missing or incorrect nonce validation on the deletePricingTable() function. This makes it possible for unauthenticated attackers to delete pricing tables via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2024-2959 | 1 Svs-websoft | 1 Svs Pricing Tables | 2025-02-20 | 4.3 Medium |
| The SVS Pricing Tables plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.4. This is due to missing or incorrect nonce validation on the savePricingTable() function. This makes it possible for unauthenticated attackers to create and edit pricing tables via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2024-7141 | 2025-02-20 | N/A | ||
| Versions of Gliffy Online prior to versions 4.14.0-7 contains a Cross Site Request Forgery (CSRF) flaw. | ||||
| CVE-2024-12386 | 1 Kevonadonis | 1 Wp Abstracts | 2025-02-20 | 8.1 High |
| The WP Abstracts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.3. This is due to missing nonce validation on multiple functions. This makes it possible for unauthenticated attackers to delete arbitrary accounts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2020-10095 | 2025-02-20 | 8.1 High | ||
| Various Lexmark devices have CSRF that allows an attacker to modify the configuration of the device. | ||||