Total
8113 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-24533 | 2025-01-27 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in MetaSlider Responsive Slider by MetaSlider allows Cross Site Request Forgery. This issue affects Responsive Slider by MetaSlider: from n/a through 3.92.0. | ||||
| CVE-2023-2444 | 1 Rockwellautomation | 1 Factorytalk Vantagepoint | 2025-01-24 | 7.1 High |
| A cross site request forgery vulnerability exists in Rockwell Automation's FactoryTalk Vantagepoint. This vulnerability can be exploited in two ways. If an attacker sends a malicious link to a computer that is on the same domain as the FactoryTalk Vantagepoint server and a user clicks the link, the attacker could impersonate the legitimate user and send requests to the affected product. Additionally, if an attacker sends an untrusted link to a computer that is not on the same domain as the server and a user opens the FactoryTalk Vantagepoint website, enters credentials for the FactoryTalk Vantagepoint server, and clicks on the malicious link a cross site request forgery attack would be successful as well. | ||||
| CVE-2023-0763 | 1 Infigosoftware | 1 Clock In Portal- Staff \& Attendance Management | 2025-01-24 | 4.3 Medium |
| The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitrary holidays via a CSRF attack | ||||
| CVE-2025-24555 | 2025-01-24 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in SubscriptionDNA.com Subscription DNA allows Stored XSS. This issue affects Subscription DNA: from n/a through 2.1. | ||||
| CVE-2025-24568 | 2025-01-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Starter Templates allows Cross Site Request Forgery. This issue affects Starter Templates: from n/a through 4.4.9. | ||||
| CVE-2025-24562 | 2025-01-24 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Optimal Access Inc. KBucket allows Stored XSS. This issue affects KBucket: from n/a through 4.1.6. | ||||
| CVE-2025-24636 | 2025-01-24 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Laymance Technologies LLC MachForm Shortcode allows Stored XSS. This issue affects MachForm Shortcode: from n/a through 1.4.1. | ||||
| CVE-2025-24622 | 2025-01-24 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in PickPlugins Job Board Manager allows Cross Site Request Forgery. This issue affects Job Board Manager: from n/a through 2.1.59. | ||||
| CVE-2025-24623 | 2025-01-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Security Really Simple SSL allows Cross Site Request Forgery. This issue affects Really Simple SSL: from n/a through 9.1.4. | ||||
| CVE-2025-24647 | 2025-01-24 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in datafeedr.com WooCommerce Cloak Affiliate Links allows Cross Site Request Forgery. This issue affects WooCommerce Cloak Affiliate Links: from n/a through 1.0.35. | ||||
| CVE-2025-24696 | 2025-01-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WP Attire Attire Blocks allows Cross Site Request Forgery. This issue affects Attire Blocks: from n/a through 1.9.6. | ||||
| CVE-2025-24713 | 2025-01-24 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button Generator – easily Button Builder allows Cross Site Request Forgery. This issue affects Button Generator – easily Button Builder: from n/a through 3.1.1. | ||||
| CVE-2025-24712 | 2025-01-24 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme Radius Blocks allows Cross Site Request Forgery. This issue affects Radius Blocks: from n/a through 2.1.2. | ||||
| CVE-2025-24739 | 2025-01-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in FluentSMTP & WPManageNinja Team FluentSMTP allows Cross Site Request Forgery. This issue affects FluentSMTP: from n/a through 2.2.80. | ||||
| CVE-2022-3747 | 1 Muffingroup | 1 Becustom | 2025-01-23 | 8.8 High |
| The Becustom plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.5.2. This is due to missing nonce validation when saving the plugin's settings. This makes it possible for unauthenticated attackers to update the plugin's settings like betheme_url_slug, replaced_theme_author, and betheme_label to name a few, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2023-32991 | 1 Jenkins | 1 Saml Single Sign On | 2025-01-23 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML. | ||||
| CVE-2023-32989 | 1 Jenkins | 1 Azure Vm Agents | 2025-01-23 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method. | ||||
| CVE-2023-32995 | 1 Jenkins | 1 Saml Single Sign On | 2025-01-23 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails. | ||||
| CVE-2023-50886 | 1 Wpwax | 1 Legal Pages | 2025-01-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF), Incorrect Authorization vulnerability in wpWax Legal Pages.This issue affects Legal Pages: from n/a through 1.3.7. | ||||
| CVE-2023-50861 | 1 Pluginus | 1 Husky - Products Filter Professional For Woocommerce | 2025-01-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in realmag777 HUSKY – Products Filter for WooCommerce (formerly WOOF).This issue affects HUSKY – Products Filter for WooCommerce (formerly WOOF): from n/a through 1.3.4.3. | ||||