Total
7513 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-49250 | 1 Dublue | 1 Table Of Contents Plus | 2024-10-22 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Michael Tran Table of Contents Plus allows Cross Site Request Forgery.This issue affects Table of Contents Plus: from n/a through 2408. | |||||
| CVE-2024-49272 | 1 Wpwebinfotech | 1 Social Auto Poster | 2024-10-22 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in WPWeb Social Auto Poster allows Cross Site Request Forgery.This issue affects Social Auto Poster: from n/a through 5.3.15. | |||||
| CVE-2024-49274 | 1 Infomaniak | 1 Vod Infomaniak | 2024-10-22 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Infomaniak Staff VOD Infomaniak allows Cross Site Request Forgery.This issue affects VOD Infomaniak: from n/a through 1.5.7. | |||||
| CVE-2024-49275 | 1 Northernbeacheswebsites | 1 Ideapush | 2024-10-22 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Martin Gibson IdeaPush allows Cross Site Request Forgery.This issue affects IdeaPush: from n/a through 8.69. | |||||
| CVE-2024-49290 | 1 Boxystudio | 1 Cooked | 2024-10-22 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Gora Tech LLC Cooked Pro allows Cross Site Request Forgery.This issue affects Cooked Pro: from n/a before 1.8.0. | |||||
| CVE-2024-49306 | 1 Wp-buy | 1 Wp Content Copy Protection \& No Right Click | 2024-10-22 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in WP-buy WP Content Copy Protection & No Right Click allows Cross Site Request Forgery.This issue affects WP Content Copy Protection & No Right Click: from n/a through 3.5.9. | |||||
| CVE-2024-49627 | 1 Noorsplugin | 1 Wordpress Image Seo | 2024-10-22 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Noor Alam WordPress Image SEO allows Cross Site Request Forgery.This issue affects WordPress Image SEO: from n/a through 1.1.4. | |||||
| CVE-2024-49628 | 1 Whiletrue | 1 Most And Least Read Posts Widget | 2024-10-22 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in WhileTrue Most And Least Read Posts Widget allows Cross Site Request Forgery.This issue affects Most And Least Read Posts Widget: from n/a through 2.5.18. | |||||
| CVE-2024-49617 | 1 Bhaskardhote | 1 Back Link Tracker | 2024-10-22 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Bhaskar Dhote Back Link Tracker allows Blind SQL Injection.This issue affects Back Link Tracker: from n/a through 1.0.0. | |||||
| CVE-2024-49615 | 1 Henriquerodrigues | 1 Safetyforms | 2024-10-22 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Henrique Rodrigues SafetyForms allows Blind SQL Injection.This issue affects SafetyForms: from n/a through 1.0.0. | |||||
| CVE-2024-39628 | 1 Ninjaforms | 1 Ninja Forms | 2024-10-20 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Saturday Drive Ninja Forms allows Cross Site Request Forgery.This issue affects Ninja Forms: from n/a through 3.8.6. | |||||
| CVE-2024-48758 | 2024-10-18 | N/A | 6.1 MEDIUM | ||
| dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the addPro parameter of the component doAdminAction.php which allows a remote attacker to execute arbitrary code | |||||
| CVE-2024-49304 | 2024-10-18 | N/A | 5.4 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in PINPOINT.WORLD Pinpoint Booking System allows Stored XSS.This issue affects Pinpoint Booking System: from n/a through 2.9.9.5.1. | |||||
| CVE-2024-48048 | 2024-10-18 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WSIFY – Sales can fly Wsify Widget allows Stored XSS.This issue affects Wsify Widget: from n/a through 1.0. | |||||
| CVE-2024-48038 | 2024-10-18 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Hans Matzen wp-Monalisa allows Cross Site Request Forgery.This issue affects wp-Monalisa: from n/a through 6.4. | |||||
| CVE-2024-49313 | 2024-10-18 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in RudeStan VKontakte Wall Post allows Stored XSS.This issue affects VKontakte Wall Post: from n/a through 2.0. | |||||
| CVE-2024-48031 | 2024-10-18 | N/A | 6.5 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Sumit Surai Featured Posts with Multiple Custom Groups (FPMCG) allows Cross Site Request Forgery.This issue affects Featured Posts with Multiple Custom Groups (FPMCG): from n/a through 4.0. | |||||
| CVE-2024-48037 | 2024-10-18 | N/A | 5.4 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Contact Form Widget allows Cross Site Request Forgery.This issue affects Contact Form Widget: from n/a through 1.4.2. | |||||
| CVE-2024-48047 | 2024-10-18 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Razon Komar Pal Linked Variation for WooCommerce allows Cross Site Request Forgery.This issue affects Linked Variation for WooCommerce: from n/a through 1.0.5. | |||||
| CVE-2024-8507 | 1 Filemanagerpro | 1 File Manager | 2024-10-17 | N/A | 8.8 HIGH |
| The File Manager Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.3.9. This is due to missing or incorrect nonce validation on the 'mk_file_folder_manager' ajax action. This makes it possible for unauthenticated attackers to upload arbitrary files via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | |||||