Total
7651 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-31880 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Stylemix Pearl allows Cross Site Request Forgery. This issue affects Pearl: from n/a through 1.3.9. | |||||
| CVE-2024-30946 | 1 Dedecms | 1 Dedecms | 2025-04-01 | N/A | 5.5 MEDIUM |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/co_do.php. | |||||
| CVE-2024-30965 | 1 Dedecms | 1 Dedecms | 2025-04-01 | N/A | 8.8 HIGH |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/member_scores.php. | |||||
| CVE-2024-29684 | 1 Dedecms | 1 Dedecms | 2025-04-01 | N/A | 9.8 CRITICAL |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /src/dede/makehtml_homepage.php allowing a remote attacker to execute arbitrary code. | |||||
| CVE-2024-2821 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 5.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability, which was classified as problematic, has been found in DedeCMS 5.7. Affected by this issue is some unknown functionality of the file /src/dede/friendlink_edit.php. The manipulation of the argument id leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257708. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-2822 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 5.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/vote_edit.php. The manipulation of the argument aid leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257709 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-1231 | 1 Cminds | 1 Cm Download Manager | 2025-04-01 | N/A | 6.8 MEDIUM |
| The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins unpublish downloads via a CSRF attack | |||||
| CVE-2024-1232 | 1 Cminds | 1 Cm Download Manager | 2025-04-01 | N/A | 4.8 MEDIUM |
| The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete downloads via a CSRF attack | |||||
| CVE-2024-1962 | 1 Cminds | 1 Cm Download Manager | 2025-04-01 | N/A | 8.8 HIGH |
| The CM Download Manager WordPress plugin before 2.9.1 does not have CSRF checks in some places, which could allow attackers to make logged in admins edit downloads via a CSRF attack | |||||
| CVE-2024-24702 | 1 Sivel | 1 Pagerestrict | 2025-04-01 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Matt Martz & Andy Stratton Page Restrict.This issue affects Page Restrict: from n/a through 2.5.5. | |||||
| CVE-2023-51683 | 1 Wpplugin | 1 Easy Paypal \& Stripe Buy Now Button | 2025-04-01 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Easy PayPal & Stripe Buy Now Button.This issue affects Easy PayPal & Stripe Buy Now Button: from n/a through 1.8.1. | |||||
| CVE-2023-52223 | 1 Mailerlite | 1 Mailerlite | 2025-04-01 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in MailerLite MailerLite – WooCommerce integration.This issue affects MailerLite – WooCommerce integration: from n/a through 2.0.8. | |||||
| CVE-2024-25931 | 1 Heureka | 1 Heureka | 2025-04-01 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Heureka Group Heureka.This issue affects Heureka: from n/a through 1.0.8. | |||||
| CVE-2024-25932 | 1 Youngtechleads | 1 Change Table Prefix | 2025-04-01 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Manish Kumar Agarwal Change Table Prefix.This issue affects Change Table Prefix: from n/a through 2.0. | |||||
| CVE-2024-28678 | 1 Dedecms | 1 Dedecms | 2025-04-01 | N/A | 6.3 MEDIUM |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_description_main.php | |||||
| CVE-2024-28681 | 1 Dedecms | 1 Dedecms | 2025-04-01 | N/A | 6.1 MEDIUM |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/plus_edit.php. | |||||
| CVE-2024-28682 | 1 Dedecms | 1 Dedecms | 2025-04-01 | N/A | 6.3 MEDIUM |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/sys_cache_up.php. | |||||
| CVE-2024-28430 | 1 Dedecms | 1 Dedecms | 2025-04-01 | N/A | 6.1 MEDIUM |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/catalog_edit.php. | |||||
| CVE-2024-28431 | 1 Dedecms | 1 Dedecms | 2025-04-01 | N/A | 8.8 HIGH |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/catalog_del.php. | |||||
| CVE-2024-28432 | 1 Dedecms | 1 Dedecms | 2025-04-01 | N/A | 8.8 HIGH |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_edit.php. | |||||