| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Cross-Site Request Forgery (CSRF) vulnerability in PingOnline Dyslexiefont Free plugin <= 1.0.0 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Bill Erickson Gallery Metabox plugin <= 1.5 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.4.3 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in User Meta Manager plugin <= 3.4.9 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Bob Goetz WP-TopBar plugin <= 5.36 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Abdul Ibad WP Tabs Slides plugin <= 2.0.3 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Jeroen Peters Name Directory plugin <= 1.27.1 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Coming Soon by Supsystic plugin <= 1.7.10 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Plugincraft Mediamatic – Media Library Folders plugin <= 2.8.1 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Nicearma DNUI plugin <= 2.8.1 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Julian Weinert // cs&m Hover Image plugin <= 1.4.1 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in StylistWP Extra Block Design, Style, CSS for ANY Gutenberg Blocks plugin <= 0.2.6 versions. |
| The WordPress Header Builder Plugin – Pearl plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.8. This is due to missing or incorrect nonce validation on the stm_header_builder page. This makes it possible for unauthenticated attackers to delete arbitrary headers via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
| The Woocommerce check pincode/zipcode for shipping plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.4. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
| Cross-Site Request Forgery (CSRF) vulnerability in Aram Kocharyan Crayon Syntax Highlighter plugin <= 2.8.4 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in XootiX Side Cart Woocommerce (Ajax) < 2.1 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in WebMat Flexible Elementor Panel plugin <= 2.3.8 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in ThingsForRestaurants Quick Restaurant Reservations plugin <= 1.5.4 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Thomas Belser Asgaros Forum plugin <= 2.2.0 versions. |
