Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-352
Total 7595 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-15865 1 Holest 1 Breadcrumbs By Menu 2024-11-21 6.8 MEDIUM 8.8 HIGH
The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has CSRF.
CVE-2019-15841 1 Facebook 1 Facebook For Woocommerce 2024-11-21 6.8 MEDIUM 8.8 HIGH
The facebook-for-woocommerce plugin before 1.9.15 for WordPress has CSRF via ajax_woo_infobanner_post_click, ajax_woo_infobanner_post_xout, or ajax_fb_toggle_visibility.
CVE-2019-15840 1 Facebook 1 Facebook For Woocommerce 2024-11-21 6.8 MEDIUM 8.8 HIGH
The facebook-for-woocommerce plugin before 1.9.14 for WordPress has CSRF.
CVE-2019-15835 1 Wp Better Permalinks Project 1 Wp Better Permalinks 2024-11-21 6.8 MEDIUM 8.8 HIGH
The wp-better-permalinks plugin before 3.0.5 for WordPress has CSRF.
CVE-2019-15834 1 Webp Converter For Media Project 1 Webp Converter For Media 2024-11-21 6.8 MEDIUM 8.8 HIGH
The webp-converter-for-media plugin before 1.0.3 for WordPress has CSRF.
CVE-2019-15832 1 Wp-buy 1 Visitor Traffic Real Time Statistics 2024-11-21 6.8 MEDIUM 8.8 HIGH
The visitors-traffic-real-time-statistics plugin before 1.13 for WordPress has CSRF.
CVE-2019-15831 1 Wp-buy 1 Visitor Traffic Real Time Statistics 2024-11-21 6.8 MEDIUM 8.8 HIGH
The visitors-traffic-real-time-statistics plugin before 1.12 for WordPress has CSRF in the settings page.
CVE-2019-15828 1 Tribulant 1 One Click Ssl 2024-11-21 6.8 MEDIUM 8.8 HIGH
The one-click-ssl plugin before 1.4.7 for WordPress has CSRF.
CVE-2019-15781 1 Weblizar 1 Social Likebox \& Feed 2024-11-21 6.8 MEDIUM 8.8 HIGH
The facebook-by-weblizar plugin before 2.8.5 for WordPress has CSRF.
CVE-2019-15779 1 Quadlayers 1 Wp Social Feed Gallery 2024-11-21 6.8 MEDIUM 8.8 HIGH
The insta-gallery plugin before 2.4.8 for WordPress has no nonce validation for qligg_dismiss_notice or qligg_form_item_delete.
CVE-2019-15770 1 Hallme 1 Woocommerce Address Book 2024-11-21 6.8 MEDIUM 8.8 HIGH
The woo-address-book plugin before 1.6.0 for WordPress has save calls without nonce verification checks.
CVE-2019-15769 1 Haktansuren 1 Handl Utm Grabber 2024-11-21 6.8 MEDIUM 8.8 HIGH
The handl-utm-grabber plugin before 2.6.5 for WordPress has CSRF via add_option and update_option.
CVE-2019-15660 1 Butlerblog 1 Wp-members 2024-11-21 6.8 MEDIUM 8.8 HIGH
The wp-members plugin before 3.2.8 for WordPress has CSRF.
CVE-2019-15648 1 Elearningfreak 1 Insert Or Embed Articulate Content 2024-11-21 5.5 MEDIUM 6.5 MEDIUM
The insert-or-embed-articulate-content-into-wordpress plugin before 4.29991 for WordPress has insufficient restrictions on deleting or renaming by a Subscriber.
CVE-2019-15645 1 Zoho 1 Salesiq 2024-11-21 6.8 MEDIUM 8.8 HIGH
The zoho-salesiq plugin before 1.0.9 for WordPress has CSRF.
CVE-2019-15515 1 Discourse 1 Discourse 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Discourse 2.3.2 sends the CSRF token in the query string.
CVE-2019-15496 1 Manageyourteam 1 Myt Project Management 2024-11-21 6.8 MEDIUM 8.8 HIGH
MyT Project Management 1.5.1 lacks CSRF protection and, for example, allows a user/create CSRF attack. This could lead to an attacker tricking the administrator into executing arbitrary code via a specially crafted HTML page.
CVE-2019-15491 1 It-novum 1 Openitcockpit 2024-11-21 6.8 MEDIUM 8.8 HIGH
openITCOCKPIT before 3.7.1 has CSRF, aka RVID 2-445b21.
CVE-2019-15329 1 Codection 1 Import Users From Csv With Meta 2024-11-21 6.8 MEDIUM 8.8 HIGH
The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF.
CVE-2019-15238 1 Cformsii Project 1 Cformsii 2024-11-21 6.8 MEDIUM 8.8 HIGH
The cforms2 plugin before 15.0.2 for WordPress has CSRF related to the IP address field.