Security
Headlines
HeadlinesLatestCVEs

Tag

#wordpress

CVE-2023-25709: WordPress Locatoraid Store Locator plugin <= 3.9.11 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Plainware Locatoraid Store Locator plugin <= 3.9.11 versions.

CVE
#csrf#vulnerability#wordpress#auth
CVE-2022-47427: WordPress My Calendar plugin <= 3.3.24.1 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.3.24.1 versions.

A Spy Wants to Connect With You on LinkedIn

Russia, North Korea, Iran, and China have been caught using fake profiles to gather information. But the platform’s tools to weed them out only go so far.

CVE-2022-47143: WordPress Multiple Pages Generator by Themeisle plugin <= 3.3.9 - Cross Site Request Forgery (CSRF) - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Multiple Page Generator Plugin – MPG plugin <= 3.3.9 versions.

CVE-2022-47141: WordPress WP Dynamic Keywords Injector plugin <= 2.3.15 - Cross Site Request Forgery (CSRF) - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Seerox WP Dynamic Keywords Injector plugin <= 2.3.15 versions.

CVE-2022-47147: WordPress ipblocklist plugin <= 1.0 - Cross Site Request Forgery (CSRF) - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Kesz1 Technologies ipBlockList plugin <= 1.0 versions.

CVE-2022-47422: WordPress WordPress Stripe Donation plugin <= 3.1.5 - Cross Site Request Forgery (CSRF) - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin Accept Stripe Donation – AidWP plugin <= 3.1.5 versions.

CVE-2022-47443: WordPress Multi Rating plugin <= 5.0.5 - Cross Site Request Forgery (CSRF) - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Daniel Powney Multi Rating plugin <= 5.0.5 versions.

CVE-2022-47154: WordPress CSS JS Manager, Async JavaScript, Defer Render Blocking CSS supports WooCommerce plugin <= 2.4.49 - Cross Site Request Forgery (CSRF) - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Pi Websolution CSS JS Manager, Async JavaScript, Defer Render Blocking CSS supports WooCommerce plugin <= 2.4.49 versions.

CVE-2022-47595: WordPress WP Go Maps (formerly WP Google Maps) plugin <= 9.0.15 - Directory Traversal - Patchstack

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Go Maps (formerly WP Google Maps) plugin <= 9.0.15 versions.