Security
Headlines
HeadlinesLatestCVEs

Tag

#csrf

CVE-2023-48058: cms/CSRF exists at the task management execution task location.md at main · CP1379767017/cms

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/task/run

CVE
#csrf#vulnerability#git
CVE-2023-40335: WordPress Cleverwise Daily Quotes plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Jeremy O'Connell Cleverwise Daily Quotes allows Stored XSS.This issue affects Cleverwise Daily Quotes: from n/a through 3.2.

CVE-2023-46092: WordPress Webmaster Tools plugin <= 2.0 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in LionScripts.Com Webmaster Tools allows Stored XSS.This issue affects Webmaster Tools: from n/a through 2.0.

CVE-2023-46201: WordPress Auto Login New User After Registration plugin <= 1.9.6 - CSRF leading to Stored XSS vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk Auto Login New User After Registration allows Stored XSS.This issue affects Auto Login New User After Registration: from n/a through 1.9.6.

CVE-2023-47516: WordPress Category Post List Widget plugin <= 2.0 - CSRF to Cross Site Scripting (XSS) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Stark Digital Category Post List Widget allows Stored XSS.This issue affects Category Post List Widget: from n/a through 2.0.

CVE-2023-47652: WordPress Auto Affiliate Links plugin <= 6.4.2.4 - CSRF lead to Stored XSS vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links allows Stored XSS.This issue affects Auto Affiliate Links: from n/a through 6.4.2.4.

CVE-2023-46634: WordPress Custom My Account for Woocommerce plugin <= 2.1 - CSRF to XSS vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in phoeniixx Custom My Account for Woocommerce allows Cross-Site Scripting (XSS).This issue affects Custom My Account for Woocommerce: from n/a through 2.1.

CVE-2023-35041: WordPress Web Push Notifications – Webpushr plugin <= 4.34.0 - CSRF Leading to LFI vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability leading to Local File Inclusion (LF) in Webpushr Web Push Notifications Web Push Notifications – Webpushr plugin <= 4.34.0 versions.

CVE-2023-47669: WordPress User Profile Builder plugin <= 3.10.3 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin <= 3.10.3 versions.

CVE-2023-33207: WordPress Stop Referrer Spam plugin <= 1.3.0 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Krzysztof Wielogórski Stop Referrer Spam plugin <= 1.3.0 versions.