| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Cross-Site Request Forgery (CSRF) vulnerability in philippe No Disposable Email no-disposable-email allows Stored XSS.This issue affects No Disposable Email: from n/a through <= 2.5.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in codemstory 워드프레스 결제 심플페이 pgall-for-woocommerce allows Cross Site Request Forgery.This issue affects 워드프레스 결제 심플페이: from n/a through <= 5.2.11. |
| Cross-Site Request Forgery (CSRF) vulnerability in desertthemes NewsMash newsmash allows Cross Site Request Forgery.This issue affects NewsMash: from n/a through <= 1.0.34. |
| Cross-Site Request Forgery (CSRF) vulnerability in WPSOLR WPSolr wpsolr-free allows Privilege Escalation.This issue affects WPSolr: from n/a through <= 24.0. |
| Cross-Site Request Forgery (CSRF) vulnerability in Hieu Nguyen WATI Chat and Notification wati-chat-and-notification allows Stored XSS.This issue affects WATI Chat and Notification: from n/a through <= 1.1.2. |
| Cross-Site Request Forgery (CSRF) vulnerability in Jordy Meow Photo Engine wplr-sync allows Cross Site Request Forgery.This issue affects Photo Engine: from n/a through <= 6.4.3. |
| Cross-Site Request Forgery (CSRF) vulnerability in Hasina77 Wp Easy Allopass wordpress-easy-allopass allows Cross Site Request Forgery.This issue affects Wp Easy Allopass: from n/a through <= 4.1.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in Mahbubur Rahman Post Meta post-meta allows Reflected XSS.This issue affects Post Meta: from n/a through <= 1.0.9. |
| Cross-Site Request Forgery (CSRF) vulnerability in GBS Developer WP Ride Booking wp-ride-booking allows Cross Site Request Forgery.This issue affects WP Ride Booking: from n/a through <= 2.4. |
| Cross-Site Request Forgery (CSRF) vulnerability in A. Chappard Display Template Name display-template-name allows Cross Site Request Forgery.This issue affects Display Template Name: from n/a through <= 1.7.1. |
| Path Traversal: '.../...//' vulnerability in VaultDweller Leyka leyka allows PHP Local File Inclusion.This issue affects Leyka: from n/a through <= 3.32.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in KeyCAPTCHA KeyCAPTCHA keycaptcha allows Stored XSS.This issue affects KeyCAPTCHA: from n/a through <= 2.5.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in hogash KALLYAS kallyas allows Cross Site Request Forgery.This issue affects KALLYAS: from n/a through < 4.25.0. |
| The AlT Monitoring plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.3. This is due to missing or incorrect nonce validation on the 'ALT_Monitoring_edit' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
| Exagate SYSGuard 6001 contains a cross-site request forgery vulnerability that allows attackers to create unauthorized admin accounts through a crafted HTML form. Attackers can trick users into submitting a malicious form to /kulyon.php that adds a new user with administrative privileges without the victim's consent. |
| Cross-Site Request Forgery (CSRF) vulnerability in Taylor Hawkes WP Fast Cache allows Cross Site Request Forgery.This issue affects WP Fast Cache: from n/a through 1.5. |
| Cross-Site Request Forgery (CSRF) vulnerability in Alex Prokopenko / JustCoded Just Variables just-wp-variables allows Cross Site Request Forgery.This issue affects Just Variables: from n/a through <= 1.2.3. |
| Cross-Site Request Forgery (CSRF) vulnerability in PluginsCafe Address Autocomplete via Google for Gravity Forms gf-google-address-autocomplete allows Cross Site Request Forgery.This issue affects Address Autocomplete via Google for Gravity Forms: from n/a through <= 1.3.4. |
| Cross-Site Request Forgery (CSRF) vulnerability in bannersky BSK Forms Blacklist bsk-gravityforms-blacklist allows Blind SQL Injection.This issue affects BSK Forms Blacklist: from n/a through <= 3.9. |
| Cross-Site Request Forgery (CSRF) vulnerability in qusupport LiveAgent liveagent allows Cross Site Request Forgery.This issue affects LiveAgent: from n/a through <= 4.4.7. |
