Export limit exceeded: 338139 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9599 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-32442 | 1 Zoho | 1 Zoho Campaigns | 2025-04-02 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Zoho Campaigns.This issue affects Zoho Campaigns: from n/a through 2.0.7. | ||||
| CVE-2024-32443 | 1 Ip2location | 1 Country Blocker | 2025-04-02 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in IP2Location Download IP2Location Country Blocker.This issue affects Download IP2Location Country Blocker: from n/a through 2.34.2. | ||||
| CVE-2024-32445 | 1 Saleswonder | 1 Webinarignition | 2025-04-02 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Saleswonder Team WebinarIgnition.This issue affects WebinarIgnition: from n/a through 3.05.8. | ||||
| CVE-2025-3099 | 2025-04-02 | 6.1 Medium | ||
| The Advanced Search by My Solr Server plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.5. This is due to missing or incorrect nonce validation on the 'MySolrServerSettings' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2023-24458 | 1 Jenkins | 1 Bearychat | 2025-04-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins BearyChat Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified URL. | ||||
| CVE-2023-24457 | 1 Jenkins | 1 Keycloak Authentication | 2025-04-02 | 6.5 Medium |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account. | ||||
| CVE-2023-24452 | 1 Jenkins | 1 Testquality Updater | 2025-04-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password. | ||||
| CVE-2023-24447 | 1 Jenkins | 1 Rabbitmq Consumer | 2025-04-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers to connect to an attacker-specified AMQP(S) URL using attacker-specified username and password. | ||||
| CVE-2023-24446 | 1 Jenkins | 1 Openid | 2025-04-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins OpenID Plugin 2.4 and earlier allows attackers to trick users into logging in to the attacker's account. | ||||
| CVE-2023-24437 | 1 Jenkins | 1 Jira Pipeline Steps | 2025-04-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||
| CVE-2023-24434 | 1 Jenkins | 1 Github Pull Request Builder | 2025-04-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||
| CVE-2025-27664 | 1 Printerlogic | 2 Vasion Print, Virtual Appliance | 2025-04-01 | 8.8 High |
| Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient CSRF Protection OVE-20230524-0008. | ||||
| CVE-2025-31751 | 2025-04-01 | 6.5 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in doit Breaking News WP allows Cross Site Request Forgery. This issue affects Breaking News WP: from n/a through 1.3. | ||||
| CVE-2025-31756 | 2025-04-01 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in tuyennv TZ PlusGallery allows Cross Site Request Forgery. This issue affects TZ PlusGallery: from n/a through 1.5.5. | ||||
| CVE-2025-31769 | 2025-04-01 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in NiteoThemes CLP – Custom Login Page by NiteoThemes allows Cross Site Request Forgery. This issue affects CLP – Custom Login Page by NiteoThemes: from n/a through 1.5.5. | ||||
| CVE-2025-31775 | 2025-04-01 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in smackcoders Google SEO Pressor Snippet allows Cross Site Request Forgery. This issue affects Google SEO Pressor Snippet: from n/a through 2.0. | ||||
| CVE-2025-31588 | 2025-04-01 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in elfsight Elfsight Testimonials Slider allows Cross Site Request Forgery. This issue affects Elfsight Testimonials Slider: from n/a through 1.0.1. | ||||
| CVE-2025-31583 | 2025-04-01 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Ashish Ajani WP Copy Media URL allows Stored XSS. This issue affects WP Copy Media URL: from n/a through 2.1. | ||||
| CVE-2025-31585 | 2025-04-01 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in leadfox Leadfox for WordPress allows Cross Site Request Forgery. This issue affects Leadfox for WordPress: from n/a through 2.1.8. | ||||
| CVE-2025-31572 | 2025-04-01 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in v20202020 Multi Days Events and Multi Events in One Day Calendar allows Cross Site Request Forgery. This issue affects Multi Days Events and Multi Events in One Day Calendar: from n/a through 1.1.3. | ||||