Security
Headlines
HeadlinesLatestCVEs

Tag

#csrf

CVE-2023-34371: WordPress SpamReferrerBlock plugin <= 2.22 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Didier Sampaolo SpamReferrerBlock plugin <= 2.22 versions.

CVE
Open in Source
#csrf#vulnerability#wordpress#auth
CVE-2023-34178: WordPress Groundhogg plugin <= 2.7.11 - Cross Site Request Forgery (CSRF) - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Groundhogg Inc. Groundhogg plugin <= 2.7.11 versions.

CVE-2023-46614: WordPress WP Helper Premium plugin <= 4.5.1 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Mat Bao Corp WP Helper Premium plugin <= 4.5.1 versions.

CVE-2023-34386: WordPress WPC Smart Wishlist for WooCommerce plugin <= 4.7.1 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in WPClever WPC Smart Wishlist for WooCommerce plugin <= 4.7.1 versions.

CVE-2023-25975: WordPress Etsy Shop plugin <= 3.0.3 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Frédéric Sheedy Etsy Shop plugin <= 3.0.3 versions.

CVE-2023-45885: XSS in NASAs Open MCT v3.1.0

Cross Site Scripting (XSS) vulnerability in NASA Open MCT (aka openmct) through 3.1.0 allows attackers to run arbitrary code via the new component feature in the flexibleLayout plugin.

CVE-2023-25994: WordPress Publish to Schedule plugin <= 4.4.2 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Alex Benfica Publish to Schedule plugin <= 4.4.2 versions.