Export limit exceeded: 14414 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9952 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-32093 | 1 Tpginc | 1 Tpg Redirect | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Criss Swaim TPG Redirect plugin <= 1.0.7 versions. | ||||
| CVE-2023-32092 | 1 Peepso | 1 Peepso | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin <= 6.0.9.0 versions. | ||||
| CVE-2023-32091 | 1 Poeditor | 1 Poeditor | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in POEditor plugin <= 0.9.4 versions. | ||||
| CVE-2023-31452 | 1 Paessler | 1 Prtg Network Monitor | 2024-11-21 | 8.8 High |
| A cross-site request forgery (CSRF) token bypass was identified in PRTG 23.2.84.1566 and earlier versions that allows remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request. This could force PRTG to execute different actions, such as creating new users. The severity of this vulnerability is high and received a score of 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | ||||
| CVE-2023-31439 | 1 Systemd Project | 1 Systemd | 2024-11-21 | 5.3 Medium |
| An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability." | ||||
| CVE-2023-31438 | 1 Systemd Project | 1 Systemd | 2024-11-21 | 5.3 Medium |
| An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability." | ||||
| CVE-2023-31235 | 1 Xnau | 1 Participants Database | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Roland Barker, xnau webdesign Participants Database plugin <= 2.4.9 versions. | ||||
| CVE-2023-31230 | 1 Baidu-tongji-generator Project | 1 Baidu-tongji-generator | 2024-11-21 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Haoqisir Baidu Tongji generator allows Stored XSS.This issue affects Baidu Tongji generator: from n/a through 1.0.2. | ||||
| CVE-2023-31218 | 1 Pluginus | 1 Wolf - Wordpress Posts Bulk Editor And Products Manager Professional | 2024-11-21 | 7.1 High |
| Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.6 versions. | ||||
| CVE-2023-31216 | 1 Ultimatemember | 1 Ultimate Member | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Ultimate Member plugin <= 2.6.0 versions. | ||||
| CVE-2023-31174 | 1 Selinc | 1 Sel-5037 Sel Grid Configurator | 2024-11-21 | 7.4 High |
| A Cross-Site Request Forgery (CSRF) vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20. | ||||
| CVE-2023-31093 | 1 Chronosly-events-calendar Project | 1 Chronosly-events-calendar | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Chronosly Chronosly Events Calendar plugin <= 2.6.2 versions. | ||||
| CVE-2023-31089 | 1 Webternsolutions | 1 Video Xml Sitemap Generator | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Tradebooster Video XML Sitemap Generator.This issue affects Video XML Sitemap Generator: from n/a through 1.0.0. | ||||
| CVE-2023-31088 | 1 Floating Action Button Project | 1 Floating Action Button | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Faraz Quazi Floating Action Button plugin <= 1.2.1 versions. | ||||
| CVE-2023-31087 | 1 Joomsky | 1 Js Job Manager | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions. | ||||
| CVE-2023-31086 | 1 Ibenic | 1 Simple Giveaways | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Igor Benic Simple Giveaways – Grow your business, email lists and traffic with contests plugin <= 2.46.0 versions. | ||||
| CVE-2023-31077 | 1 Myrecorp | 1 Export Wp Page To Static Html\/css | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in ReCorp Export WP Page to Static HTML/CSS plugin <= 2.1.9 versions. | ||||
| CVE-2023-31075 | 1 Ciphercoin | 1 Easy Hide Login | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Arshid Easy Hide Login.This issue affects Easy Hide Login: from n/a through 1.0.8. | ||||
| CVE-2023-30673 | 1 Samsung | 1 Smart Switch Pc | 2024-11-21 | 5.5 Medium |
| Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3.23052_1 allows local attackers to delete arbitrary directory using directory junction. | ||||
| CVE-2023-30607 | 1 Icinga | 1 Icinga Web Jira Integration | 2024-11-21 | 5 Medium |
| icingaweb2-module-jira provides integration with Atlassian Jira. Starting in version 1.3.0 and prior to version 1.3.2, template and field configuration forms perform the deletion action before user input is validated, including the cross site request forgery token. This issue is fixed in version 1.3.2. There are no known workarounds. | ||||