Export limit exceeded: 364870 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9419 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-45073 | 1 Miniorange | 1 Wordpress Rest Api Authentication | 2025-02-20 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in REST API Authentication plugin <= 2.4.0 on WordPress. | ||||
| CVE-2022-44740 | 1 Constantcontact | 1 Creative Mail | 2025-02-20 | 5.4 Medium |
| Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Creative Mail plugin <= 1.5.4 on WordPress. | ||||
| CVE-2022-40695 | 1 Clogica | 1 Seo Redirection | 2025-02-20 | 5.4 Medium |
| Multiple Cross-Site Scripting (CSRF) vulnerabilities in SEO Redirection Plugin plugin <= 8.9 on WordPress. | ||||
| CVE-2022-41634 | 1 Maxfoundry | 1 Media Library Folders | 2025-02-20 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Media Library Folders plugin <= 7.1.1 on WordPress. | ||||
| CVE-2022-34654 | 1 Freeamigos | 1 Manage Notification E-mails | 2025-02-20 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) in Virgial Berveling's Manage Notification E-mails plugin <= 1.8.2 on WordPress. | ||||
| CVE-2022-26366 | 1 Adrotate Banner Manager Project | 1 Adrotate Banner Manager | 2025-02-20 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) in AdRotate Banner Manager Plugin <= 5.9 on WordPress. | ||||
| CVE-2022-29489 | 1 Sucuri | 1 Security | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Sucuri Security plugin <= 1.8.33 at WordPress leading to Event log entry creation. | ||||
| CVE-2023-37391 | 1 Wpmobilepack | 1 Wordpress Mobile Pack | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WPMobilePack.Com WordPress Mobile Pack – Mobile Plugin for Progressive Web Apps & Hybrid Mobile Apps plugin <= 3.4.1 versions. | ||||
| CVE-2023-34185 | 1 Wordpress Nextgen Galleryview Project | 1 Wordpress Nextgen Galleryview | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in John Brien WordPress NextGen GalleryView plugin <= 0.5.5 versions. | ||||
| CVE-2023-34029 | 1 Disable Wordpress Update Notifications And Auto-update Email Notifications Project | 1 Disable Wordpress Update Notifications And Auto-update Email Notifications | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Prem Tiwari Disable WordPress Update Notifications and auto-update Email Notifications plugin <= 2.3.3 versions. | ||||
| CVE-2023-37968 | 1 Faboba | 1 Falang | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Faboba Falang multilanguage for WordPress plugin <= 1.3.39 versions. | ||||
| CVE-2023-37992 | 1 Presspage | 1 Smarty For Wordpress | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin <= 3.1.35 versions. | ||||
| CVE-2023-37996 | 1 Gtmetrix | 1 Gtmetrix | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in GTmetrix GTmetrix for WordPress plugin <= 0.4.7 versions. | ||||
| CVE-2023-44233 | 1 Fooplugins | 1 Foogallery | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in FooPlugins Best WordPress Gallery Plugin – FooGallery plugin <= 2.2.44 versions. | ||||
| CVE-2023-41694 | 1 Realbig | 1 Realbig | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Realbig Team Realbig For WordPress plugin <= 1.0.3 versions. | ||||
| CVE-2023-45052 | 1 Dan009 | 1 Wp Bing Map Pro | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in dan009 WP Bing Map Pro plugin < 5.0 versions. | ||||
| CVE-2023-41131 | 1 Followingmedarling | 1 Spotify Play Button | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Jonk @ Follow me Darling Sp*tify Play Button for WordPress plugin <= 2.10 versions. | ||||
| CVE-2023-45831 | 1 Pixelative | 1 Google Amp | 2025-02-19 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Pixelative, Mohsin Rafique AMP WP – Google AMP For WordPress plugin <= 1.5.15 versions. | ||||
| CVE-2023-5802 | 1 Wpknowledgebase | 1 Wp Knowledgebase | 2025-02-19 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Mihai Iova WordPress Knowledge base & Documentation Plugin – WP Knowledgebase plugin <= 1.3.4 versions. | ||||
| CVE-2025-0865 | 2025-02-19 | 6.5 Medium | ||
| The WP Media Category Management plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.0 to 2.3.3. This is due to missing or incorrect nonce validation on the wp_mcm_handle_action_settings() function. This makes it possible for unauthenticated attackers to alter plugin settings, such as the taxonomy used for media, the base slug for media categories, and the default media category via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||