Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-352
Total 7225 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-25709 1 Plainware 1 Locatoraid 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Plainware Locatoraid Store Locator plugin <= 3.9.11 versions.
CVE-2023-23974 1 Fullworksplugins 1 Quick Event Manager 2023-11-07 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 affecting all registration actions (delete, delete all, edit, update).
CVE-2023-23983 1 Wpdevart 1 Responsive Vertical Icon Menu 2023-11-07 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Responsive Vertical Icon Menu plugin <= 1.5.8 can lead to theme deletion.
CVE-2023-23899 1 Hasthemes 1 Extensions For Cf7 2023-11-07 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Extensions For CF7 plugin <= 2.0.8 versions leads to arbitrary plugin activation.
CVE-2023-23992 1 Automatorwp 1 Automatorwp 2023-11-07 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in AutomatorWP plugin <= 2.5.0 leads to object delete.
CVE-2023-23861 1 Gmace Project 1 Gmace 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in German Mesky GMAce plugin <= 1.5.2 versions.
CVE-2023-24384 1 Wpdevart 1 Organization Chart 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Organization chart <= 1.4.4 versions.
CVE-2023-25170 1 Prestashop 1 Prestashop 2023-11-07 N/A 8.8 HIGH
PrestaShop is an open source e-commerce web application that, prior to version 8.0.1, is vulnerable to cross-site request forgery (CSRF). When authenticating users, PrestaShop preserves session attributes. Because this does not clear CSRF tokens upon login, this might enable same-site attackers to bypass the CSRF protection mechanism by performing an attack similar to a session-fixation. The problem is fixed in version 8.0.1.
CVE-2023-24377 1 Lightspeedhq 1 Ecwid Ecommerce Shopping Cart 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart plugin <= 6.11.3 versions.
CVE-2023-24382 1 Material Design Icons For Page Builders Project 1 Material Design Icons For Page Builders 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Photon WP Material Design Icons for Page Builders plugin <= 1.4.2 versions.
CVE-2023-24419 1 Strategy11 1 Formidable Form Builder 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Form Builder Team Formidable Forms plugin <= 5.5.6 versions.
CVE-2023-23973 1 A3rev 1 Contact Us Page - Contact People 2023-11-07 N/A 6.5 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in a3rev Software Contact Us Page – Contact People plugin <= 3.7.0.
CVE-2023-23865 1 Checkoutplugins 1 Stripe Payments For Woocommerce 2023-11-07 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Checkout Plugins Stripe Payments For WooCommerce plugin <= 1.4.10 leads to settings change.
CVE-2023-25066 1 Foliovision 1 Fv Flowplayer Video Player 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in FolioVision FV Flowplayer Video Player plugin <= 7.5.30.7212 versions.
CVE-2023-23984 1 Wow-company 1 Bubble Menu 2023-11-07 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Bubble Menu – circle floating menu plugin <= 3.0.1 leading to form deletion.
CVE-2023-24388 1 Wpdevart 1 Booking Calendar 2023-11-07 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions affects plugin forms actions (create, duplicate, edit, delete).
CVE-2023-25065 1 Shapedplugin 1 Wp Tabs 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in ShapedPlugin WP Tabs – Responsive Tabs Plugin for WordPress plugin <= 2.1.14 versions.
CVE-2023-22681 1 Online Exam Software \ 1 Eexamhall Project 2023-11-07 N/A 6.5 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Aarvanshinfotech Online Exam Software: eExamhall plugin <= 4.0 versions.
CVE-2023-23721 1 Admin Log Project 1 Admin Log 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in David Gwyer Admin Log plugin <= 1.50 versions.
CVE-2023-22700 1 Pixelyoursite 1 Pixelyoursite 2023-11-07 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite PixelYourSite – Your smart PIXEL (TAG) Manager plugin <= 9.3.0 versions.