#csrf

Cross-Site Request Forgery (CSRF) vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.5.14 versions.

Cross-Site Request Forgery (CSRF) vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin <= 1.5.12 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Winwar Media WP Email Capture plugin <= 3.9.3 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Podcast Publisher plugin <= 3.8.3 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Subscribe button plugin <= 1.3.7 versions.

Cross-site request forgery (CSRF) in T&D Corporation and ESPEC MIC CORP. data logger products allows a remote unauthenticated attacker to conduct an arbitrary operation by having a logged-in user view a malicious page. Affected products and versions are as follows: T&D Corporation data logger products (TR-71W/72W all firmware versions, RTR-5W all firmware versions, WDR-7 all firmware versions, WDR-3 all firmware versions, and WS-2 all firmware versions), and ESPEC MIC CORP. data logger products (RT-12N/RS-12N all firmware versions, RT-22BN all firmware versions, and TEU-12N all firmware versions).

A Cross-Site Request Forgery (CSRF) in EyouCMS v1.6.2 allows attackers to execute arbitrary commands via a supplying a crafted HTML file to the Upload software format function.

The affected products have a CSRF vulnerability that could allow an attacker to execute code and upload malicious files.

Cross-Site Request Forgery (CSRF) vulnerability in Eric Teubert Archivist – Custom Archive Templates plugin <= 1.7.4 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Inkthemescom ColorWay theme <= 4.2.3 versions.