| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Cross-Site Request Forgery (CSRF) vulnerability in Maulik Vora WP Podcasts Manager wp-podcasts-manager allows Cross Site Request Forgery.This issue affects WP Podcasts Manager: from n/a through <= 1.3. |
| The Backup, Restore and Migrate your sites with XCloner plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.8.2. This is due to missing or incorrect nonce validation on the Xcloner_Remote_Storage:save() function. This makes it possible for unauthenticated attackers to add or modify an FTP backup configuration via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Successful exploitation allows an attacker to set an attacker-controlled FTP site for backup storage and exfiltrate potentially sensitive site data. |
| Cross-Site Request Forgery (CSRF) vulnerability in Siteimprove.This issue affects Siteimprove: from n/a through 2.0.6.
|
| Cross-Site Request Forgery (CSRF) vulnerability in Ertano MihanPanel.This issue affects MihanPanel: from n/a before 12.7.
|
|
A potential security vulnerability has been identified in Hewlett Packard Enterprise OfficeConnect 1820 Network switches. The vulnerability could be remotely exploited to allow execution of malicious code.
|
| The FunKItools plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to missing or incorrect nonce validation on the saveFields() function. This makes it possible for unauthenticated attackers to update plugin settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
| Cross-Site Request Forgery (CSRF) vulnerability in WP Map Plugins Interactive UK Regional Map interactive-uk-regional-map allows Cross Site Request Forgery.This issue affects Interactive UK Regional Map: from n/a through <= 2.0. |
| Cross-Site Request Forgery (CSRF) vulnerability in Tekrom Technology Inc. T-Soft E-Commerce allows Cross Site Request Forgery.This issue affects T-Soft E-Commerce: through 28112025. |
| Cross-Site Request Forgery (CSRF) vulnerability in digitalfisherman Geotagged Media geotagged-media allows Stored XSS.This issue affects Geotagged Media: from n/a through <= 0.3.0. |
| Cross-Site Request Forgery (CSRF) vulnerability in lucidcrew WP Forum Server forum-server allows Stored XSS.This issue affects WP Forum Server: from n/a through <= 1.8.2. |
| Cross-Site Request Forgery (CSRF) vulnerability in wp-buy WP Popup Window Maker easy-popup-lightbox-maker allows Stored XSS.This issue affects WP Popup Window Maker: from n/a through <= 2.0. |
| Cross-Site Request Forgery (CSRF) vulnerability in Hossni Mubarak Cool Author Box hm-cool-author-box-widget allows Cross Site Request Forgery.This issue affects Cool Author Box: from n/a through <= 3.0.0. |
| Cross-Site Request Forgery (CSRF) vulnerability in magepeopleteam Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation allows Cross Site Request Forgery.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through <= 5.4.3. |
| Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Optimize.This issue affects LWS Optimize: from n/a through 1.9.1.
|
| Cross-Site Request Forgery (CSRF) vulnerability in mklacroix Product Configurator for WooCommerce product-configurator-for-woocommerce allows Cross Site Request Forgery.This issue affects Product Configurator for WooCommerce: from n/a through <= 1.4.4. |
| Cross-Site Request Forgery (CSRF) vulnerability in squiter Spoiler Block spoiler-block allows Stored XSS.This issue affects Spoiler Block: from n/a through <= 1.7. |
| Cross-Site Request Forgery (CSRF) vulnerability in Tock Tock Widget tock-widget allows Cross Site Request Forgery.This issue affects Tock Widget: from n/a through <= 1.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in takien Rewrite rewrite allows Cross Site Request Forgery.This issue affects Rewrite: from n/a through <= 0.2.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast Total Search fulltext-search allows Cross Site Request Forgery.This issue affects WP Fast Total Search: from n/a through <= 1.78.258. |
| Cross-Site Request Forgery (CSRF) vulnerability in Damian Orzol Contact Form 7 Material Design cf7-material-design allows Stored XSS.This issue affects Contact Form 7 Material Design: from n/a through <= 1.0.0. |
