Security
Headlines
HeadlinesLatestCVEs

Tag

#wordpress

CVE-2023-40009: WordPress WP Pipes plugin <= 1.4.0 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Pipes plugin <= 1.4.0 versions.

CVE
Open in Source
#csrf#vulnerability#wordpress#auth
CVE-2023-39159: WordPress Fraud Prevention For Woocommerce plugin <= 2.1.5 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Fraud Prevention For Woocommerce plugin <= 2.1.5 versions.

CVE-2023-32671: Multiple Vulnerabilities Budyboss | INCIBE-CERT

A stored XSS vulnerability has been found on BuddyBoss Platform affecting version 2.2.9. This vulnerability allows an attacker to store a malicious javascript payload via POST request when sending an invitation.

CVE-2023-40212: WordPress Product Attachment for WooCommerce plugin <= 2.1.8 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Product Attachment for WooCommerce plugin <= 2.1.8 versions.

CVE-2023-40202: WordPress Email Template Designer – WP HTML Mail plugin <= 3.4.1 - Cross Site Request Forgery (CSRF) - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Hannes Etzelstorfer // codemiq WP HTML Mail plugin <= 3.4.1 versions.

CVE-2023-40201: WordPress Futurio Extra plugin <= 1.8.4 - Cross Site Request Forgery (CSRF) - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in FuturioWP Futurio Extra plugin <= 1.8.4 versions leads to activation of arbitrary plugin.

CVE-2023-39989: WordPress Header Footer Code Manager plugin <= 1.1.34 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in 99robots Header Footer Code Manager plugin <= 1.1.34 versions.