Total: 7225 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-22692 | 1 Name Directory Project | 1 Name Directory | 2023-05-26 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in Jeroen Peters Name Directory plugin <= 1.27.1 versions. | |||||
CVE-2023-22714 | 1 Supsystic | 1 Coming Soon | 2023-05-26 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Coming Soon by Supsystic plugin <= 1.7.10 versions. | |||||
CVE-2023-22709 | 1 Srs Simple Hits Counter Project | 1 Srs Simple Hits Counter | 2023-05-26 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in Atif N SRS Simple Hits Counter plugin <= 1.1.0 versions. | |||||
CVE-2023-22688 | 1 Wp Tabs Slides Project | 1 Wp Tabs Slides | 2023-05-26 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in Abdul Ibad WP Tabs Slides plugin <= 2.0.3 versions. | |||||
CVE-2022-47134 | 1 Gallery Metabox Project | 1 Gallery Metabox | 2023-05-26 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in Bill Erickson Gallery Metabox plugin <= 1.5 versions. | |||||
CVE-2023-23890 | 1 Ljapps | 1 Wp Airbnb Review Slider | 2023-05-26 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in LJ Apps WP Airbnb Review Slider plugin <= 3.2 versions. | |||||
CVE-2022-47142 | 1 Mediamatic | 1 Media Library Folders | 2023-05-26 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in Plugincraft Mediamatic – Media Library Folders plugin <= 2.8.1 versions. | |||||
CVE-2023-24414 | 1 Robosoft | 1 Robogallery | 2023-05-26 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.11 versions. | |||||
CVE-2023-32589 | 1 Pingonline | 1 Dyslexiefont Free | 2023-05-26 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in PingOnline Dyslexiefont Free plugin <= 1.0.0 versions. | |||||
CVE-2023-25698 | 1 Studiowombat | 1 Shoppable Images | 2023-05-25 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in Studio Wombat Shoppable Images plugin <= 1.2.3 versions. | |||||
CVE-2023-27423 | 1 Mijnpress | 1 Auto Prune Posts | 2023-05-25 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in Ramon Fincken Auto Prune Posts plugin <= 1.8.0 versions. | |||||
CVE-2023-27430 | 1 Mijnpress | 1 Mass Delete Unused Tags | 2023-05-25 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in Ramon Fincken Mass Delete Unused Tags plugin <= 2.0.0 versions. | |||||
CVE-2023-2631 | 1 Jenkins | 1 Code Dx | 2023-05-25 | N/A | 4.3 MEDIUM |
A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. | |||||
CVE-2023-2195 | 1 Jenkins | 1 Code Dx | 2023-05-25 | N/A | 3.5 LOW |
A cross-site request forgery (CSRF) vulnerability in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers to connect to an attacker-specified URL. | |||||
CVE-2008-4128 | 1 Cisco | 2 871 Integrated Services Router, Ios | 2023-05-22 | 9.3 HIGH | N/A |
Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "alias exec" command to the /level/15/exec/-/configure/http URI. NOTE: some of these details are obtained from third party information. | |||||
CVE-2023-2444 | 1 Rockwellautomation | 1 Factorytalk Vantagepoint | 2023-05-20 | N/A | 8.8 HIGH |
A cross site request forgery vulnerability exists in Rockwell Automation's FactoryTalk Vantagepoint. This vulnerability can be exploited in two ways. If an attacker sends a malicious link to a computer that is on the same domain as the FactoryTalk Vantagepoint server and a user clicks the link, the attacker could impersonate the legitimate user and send requests to the affected product. Additionally, if an attacker sends an untrusted link to a computer that is not on the same domain as the server and a user opens the FactoryTalk Vantagepoint website, enters credentials for the FactoryTalk Vantagepoint server, and clicks on the malicious link a cross site request forgery attack would be successful as well. | |||||
CVE-2022-45846 | 1 Wpmart | 1 Interactive Svg Image Map Builder | 2023-05-16 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in Nickys Image Map Pro for WordPress - Interactive SVG Image Map Builder plugin < 5.6.9 versions. | |||||
CVE-2015-5698 | 1 Siemens | 2 Simatic S7 1200 Cpu, Simatic S7 1200 Cpu Firmware | 2023-05-15 | 7.5 HIGH | N/A |
Cross-site request forgery (CSRF) vulnerability in the web server on Siemens SIMATIC S7-1200 CPU devices with firmware before 4.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
CVE-2023-2552 | 1 Bumsys Project | 1 Bumsys | 2023-05-10 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) in GitHub repository unilogies/bumsys prior to 2.1.1. | |||||
CVE-2023-1965 | 1 Gitlab | 1 Gitlab | 2023-05-09 | N/A | 6.5 MEDIUM |
An issue has been discovered in GitLab EE affecting all versions starting from 14.2 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. Lack of verification on RelayState parameter allowed a maliciously crafted URL to obtain access tokens granted for 3rd party Group SAML SSO logins. This feature isn't enabled by default. |