Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-352
Total 7225 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-10381 1 User Domain Whitelist Project 1 User Domain Whitelist 2019-08-21 6.8 MEDIUM 8.8 HIGH
The user-domain-whitelist plugin before 1.5 for WordPress has CSRF.
CVE-2017-18547 1 Neliosoftware 1 Nelio Ab Testing 2019-08-21 6.8 MEDIUM 8.8 HIGH
The nelio-ab-testing plugin before 4.6.4 for WordPress has CSRF in experiment forms.
CVE-2018-20971 1 Churchadminplugin 1 Church Admin 2019-08-21 6.8 MEDIUM 8.8 HIGH
The church-admin plugin before 1.2550 for WordPress has CSRF affecting the upload of a bible reading plan.
CVE-2017-18546 1 Jayj Quicktag Project 1 Jayj Quicktag 2019-08-21 6.8 MEDIUM 8.8 HIGH
The jayj-quicktag plugin before 1.3.2 for WordPress has CSRF.
CVE-2017-18544 1 Invite Anyone Project 1 Invite Anyone 2019-08-21 6.8 MEDIUM 8.8 HIGH
The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF.
CVE-2018-20972 1 Codeermeneer 1 Companion Auto Update 2019-08-21 6.8 MEDIUM 8.8 HIGH
The companion-auto-update plugin before 3.2.1 for WordPress has CSRF.
CVE-2018-20974 1 Joomsky 1 Js Job Manager 2019-08-21 6.8 MEDIUM 8.8 HIGH
The js-jobs plugin before 1.0.7 for WordPress has CSRF.
CVE-2019-15113 1 Codeermeneer 1 Companion Sitemap Generator 2019-08-21 6.8 MEDIUM 8.8 HIGH
The companion-sitemap-generator plugin before 3.7.0 for WordPress has CSRF.
CVE-2019-15114 1 Ncrafts 1 Formcraft 2019-08-21 6.8 MEDIUM 8.8 HIGH
The formcraft-form-builder plugin before 1.2.2 for WordPress has CSRF.
CVE-2019-14681 1 Deny All Firewall Project 1 Deny All Firewall 2019-08-20 6.8 MEDIUM 8.8 HIGH
The Deny All Firewall plugin before 1.1.7 for WordPress allows wp-admin/options-general.php?page=daf_settings&daf_remove=true CSRF.
CVE-2013-7476 1 Simple Fields Project 1 Simple Fields 2019-08-20 6.8 MEDIUM 8.8 HIGH
The simple-fields plugin before 1.2 for WordPress has CSRF in the admin interface.
CVE-2016-10883 1 Mijnpress 1 Simple Add Pages Or Posts 2019-08-20 5.8 MEDIUM 6.5 MEDIUM
The simple-add-pages-or-posts plugin before 1.7 for WordPress has CSRF for deleting users.
CVE-2017-18512 1 Supsystic 1 Newsletter By Supsystic 2019-08-20 6.8 MEDIUM 8.8 HIGH
The newsletter-by-supsystic plugin before 1.1.8 for WordPress has CSRF.
CVE-2017-18511 1 Wpmudev 1 Custom Sidebars 2019-08-20 6.8 MEDIUM 8.8 HIGH
The custom-sidebars plugin before 3.0.8.1 for WordPress has CSRF.
CVE-2017-18510 1 Wpmudev 1 Custom Sidebars 2019-08-20 6.8 MEDIUM 8.8 HIGH
The custom-sidebars plugin before 3.1.0 for WordPress has CSRF related to set location, import actions, and export actions.
CVE-2018-20968 1 Smackcoders 1 Ultimate Exporter 2019-08-19 6.8 MEDIUM 8.8 HIGH
The wp-ultimate-exporter plugin before 1.4.2 for WordPress has CSRF.
CVE-2016-10882 1 Google Doc Embedder Project 1 Google Doc Embedder 2019-08-19 6.8 MEDIUM 8.8 HIGH
The google-document-embedder plugin before 2.6.2 for WordPress has CSRF.
CVE-2019-14679 1 Reputeinfosystems 1 Arprice Lite 2019-08-19 4.3 MEDIUM 6.5 MEDIUM
core/views/arprice_import_export.php in the ARPrice Lite plugin 2.2 for WordPress allows wp-admin/admin.php?page=arplite_import_export CSRF.
CVE-2016-10863 1 Edimax 4 7237rpd, 7237rpd Firmware, Ew-7438rpn Mini and 1 more 2019-08-16 6.8 MEDIUM 8.8 HIGH
Edimax Wi-Fi Extender devices allow goform/formwlencryptvxd CSRF with resultant PSK key disclosure.
CVE-2017-18504 1 Wpdeveloper 1 Twitter Cards Meta 2019-08-16 6.8 MEDIUM 8.8 HIGH
The twitter-cards-meta plugin before 2.5.0 for WordPress has CSRF.