| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Cross-Site Request Forgery (CSRF) vulnerability in v20202020 Multi Days Events and Multi Events in One Day Calendar allows Cross Site Request Forgery. This issue affects Multi Days Events and Multi Events in One Day Calendar: from n/a through 1.1.3. |
| Cross-Site Request Forgery (CSRF) vulnerability in leadfox Leadfox for WordPress allows Cross Site Request Forgery. This issue affects Leadfox for WordPress: from n/a through 2.1.8. |
| Path Traversal vulnerability in Bit Apps Bit Assist allows Path Traversal. This issue affects Bit Assist: from n/a through 1.5.4. |
| Cross-Site Request Forgery (CSRF) vulnerability in Clearbit Clearbit Reveal allows Cross Site Request Forgery. This issue affects Clearbit Reveal: from n/a through 1.0.6. |
| Cross-Site Request Forgery (CSRF) vulnerability in Labinator Labinator Content Types Duplicator allows Cross Site Request Forgery. This issue affects Labinator Content Types Duplicator: from n/a through 1.1.3. |
| Cross-Site Request Forgery (CSRF) vulnerability in Sami Ahmed Siddiqui JSON Structuring Markup allows Stored XSS. This issue affects JSON Structuring Markup: from n/a through 0.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in WPExperts.io WP Multistore Locator allows Cross Site Request Forgery. This issue affects WP Multistore Locator: from n/a through 2.5.2. |
| Cross-Site Request Forgery (CSRF) vulnerability in N-Media Bulk Product Sync allows Cross Site Request Forgery. This issue affects Bulk Product Sync: from n/a through 8.6. |
| Cross-Site Request Forgery (CSRF) vulnerability in CloudRedux Product Notices for WooCommerce allows Cross Site Request Forgery. This issue affects Product Notices for WooCommerce: from n/a through 1.3.3. |
| Cross-Site Request Forgery (CSRF) vulnerability in IT Path Solutions SCSS WP Editor allows Cross Site Request Forgery. This issue affects SCSS WP Editor: from n/a through 1.1.8. |
| Cross-Site Request Forgery (CSRF) vulnerability in digireturn DN Footer Contacts allows Cross Site Request Forgery. This issue affects DN Footer Contacts: from n/a through 1.8. |
| Cross-Site Request Forgery (CSRF) vulnerability in Infoway LLC Ebook Downloader allows Cross Site Request Forgery. This issue affects Ebook Downloader: from n/a through 1.0. |
| Cross-Site Request Forgery (CSRF) vulnerability in digireturn Simple Fixed Notice allows Cross Site Request Forgery. This issue affects Simple Fixed Notice: from n/a through 1.6. |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/co_do.php. |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/member_scores.php. |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /src/dede/makehtml_homepage.php allowing a remote attacker to execute arbitrary code. |
| If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. |
| When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. |
| The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins unpublish downloads via a CSRF attack |
| The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete downloads via a CSRF attack |
