Security
Headlines
HeadlinesLatestCVEs

Tag

#wordpress

CVE-2023-41131: WordPress Sp*tify Play Button for WordPress plugin <= 2.10 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Jonk @ Follow me Darling Sp*tify Play Button for WordPress plugin <= 2.10 versions.

CVE
#csrf#vulnerability#wordpress#auth
CVE-2023-45106: WordPress Urvanov Syntax Highlighter plugin <= 2.8.33 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Fedor Urvanov, Aram Kocharyan Urvanov Syntax Highlighter plugin <= 2.8.33 versions.

CVE-2023-45103: WordPress Permalinks Customizer plugin <= 2.8.2 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in YAS Global Team Permalinks Customizer plugin <= 2.8.2 versions.

CVE-2023-32124: WordPress Publish Confirm Message plugin <= 1.3.1 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Arul Prasad J Publish Confirm Message plugin <= 1.3.1 versions.

Backdoor Lurks Behind WordPress Caching Plug-in to Hijack Websites

Evasive malware disguised as a caching plug-in allows attackers to create an admin account on a WordPress site, then take over and monetize sites at the expense of legitimate SEO and user privacy.

CVE-2023-45068: WordPress Contact Form by Supsystic plugin <= 1.7.27 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Contact Form by Supsystic plugin <= 1.7.27 versions.

CVE-2023-45048: WordPress Social proof testimonials and reviews by Repuso plugin <= 5.00 - Cross Site Request Forgery (CSRF) - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Repuso Social proof testimonials and reviews by Repuso plugin <= 5.00 versions.

CVE-2023-44998: WordPress Category Meta plugin <= 1.2.8 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in josecoelho, Randy Hoyt, steveclarkcouk, Vitaliy Kukin, Eric Le Bail, Tom Ransom Category Meta plugin plugin <= 1.2.8 versions.

CVE-2023-45011: WordPress WP Power Stats plugin <= 2.2.3 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Igor Buyanov WP Power Stats plugin <= 2.2.3 versions.