| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The Delete Usermeta plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing nonce validation on the delumet_options_page() function. This makes it possible for unauthenticated attackers to remove user meta for arbitrary users via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
| Cross-Site Request Forgery (CSRF) in GitHub repository snipe/snipe-it prior to v.6.2.3. |
| Cross-Site Request Forgery (CSRF) in GitHub repository chiefonboarding/chiefonboarding prior to v2.0.47. |
| The Funnelforms Free plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.4. This is due to missing or incorrect nonce validation on the fnsf_delete_posts function. This makes it possible for unauthenticated attackers to delete arbitrary posts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
| Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.15.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in Marios Alexandrou Republish Old Posts.This issue affects Republish Old Posts: from n/a through 1.21.
|
| Cross-Site Request Forgery (CSRF) vulnerability in WPClever WPC Product Bundles for WooCommerce.This issue affects WPC Product Bundles for WooCommerce: from n/a through 7.3.1.
|
| Cross-Site Request Forgery (CSRF) vulnerability in Basix NEX-Forms – Ultimate Form Builder – Contact forms and much more.This issue affects NEX-Forms – Ultimate Form Builder – Contact forms and much more: from n/a through 8.5.2.
|
| Cross-Site Request Forgery (CSRF) vulnerability in Duplicator Duplicator – WordPress Migration & Backup Plugin.This issue affects Duplicator – WordPress Migration & Backup Plugin: from n/a through 1.5.7.
|
| Cross-Site Request Forgery (CSRF) vulnerability in WP Zone Inline Image Upload for BBPress.This issue affects Inline Image Upload for BBPress: from n/a through 1.1.18.
|
| Cross-Site Request Forgery (CSRF), Deserialization of Untrusted Data vulnerability in ThemeHigh Job Manager & Career – Manage job board listings, and recruitments.This issue affects Job Manager & Career – Manage job board listings, and recruitments: from n/a through 1.4.4.
|
| Cross-Site Request Forgery (CSRF) vulnerability in GS Plugins Logo Slider – Logo Showcase, Logo Carousel, Logo Gallery and Client Logo Presentation.This issue affects Logo Slider – Logo Showcase, Logo Carousel, Logo Gallery and Client Logo Presentation: from n/a through 3.5.1.
|
| Cross-Site Request Forgery (CSRF) vulnerability in Pixelemu TerraClassifieds.This issue affects TerraClassifieds: from n/a through 2.0.3.
|
| Cross-Site Request Forgery (CSRF) vulnerability in Rise Themes Rise Blocks – A Complete Gutenberg Page Builder.This issue affects Rise Blocks – A Complete Gutenberg Page Builder: from n/a through 3.1.
|
| Cross-Site Request Forgery (CSRF) vulnerability in Bright Plugins Block IPs for Gravity Forms.This issue affects Block IPs for Gravity Forms: from n/a through 1.0.1.
|
| Cross-Site Request Forgery (CSRF) vulnerability in WebbaPlugins Appointment & Event Booking Calendar Plugin – Webba Booking.This issue affects Appointment & Event Booking Calendar Plugin – Webba Booking: from n/a through 4.5.33.
|
| Cross-Site Request Forgery (CSRF) vulnerability in WPExpertsio New User Approve.This issue affects New User Approve: from n/a through 2.5.1.
|
| Cross-Site Request Forgery (CSRF) vulnerability in InspireUI MStore API.This issue affects MStore API: from n/a through 4.10.1.
|
| Cross-Site Request Forgery (CSRF) vulnerability in Marios Alexandrou Add Any Extension to Pages.This issue affects Add Any Extension to Pages: from n/a through 1.4.
|
| In JetBrains TeamCity before 2023.11.1 a CSRF on login was possible |
