Security
Headlines
HeadlinesLatestCVEs

Tag

#csrf

CVE-2023-25029: WordPress WP Social Bookmarking Light plugin <= 2.0.7 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in utahta WP Social Bookmarking Light plugin <= 2.0.7 versions.

CVE
Open in Source
#csrf#vulnerability#wordpress#auth
CVE-2023-25470: WordPress Rus-To-Lat plugin <= 0.3 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Anton Skorobogatov Rus-To-Lat plugin <= 0.3 versions.

CVE-2023-24008: WordPress Maspik – Spam blacklist plugin <= 0.7.8 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in yonifre Maspik – Spam Blacklist plugin <= 0.7.8 versions.

CVE-2023-24007: WordPress Admin Block Country plugin <= 7.1.4 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in TheOnlineHero - Tom Skroza Admin Block Country plugin <= 7.1.4 versions.

CVE-2023-23714: WordPress Uncanny Toolkit for LearnDash plugin <= 3.6.4.1 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash plugin <= 3.6.4.1 versions.

CVE-2023-25976: WordPress Integration for Contact Form 7 and Zoho CRM, Bigin plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin plugin <= 1.2.2 versions.

CVE-2023-33751: There is a cross site scripting (XSS) vulnerability exists in mipjz v5.0.5 · Issue #14 · sansanyun/mipjz

A stored cross-site scripting (XSS) vulnerability in mipjz v5.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter at /app/tag/controller/ApiAdminTagCategory.php.