CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46865 – WordPress Bulk Resize Media Plugin <= 1.1 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2022-46865
16 Mar 2023 — The Bulk Resize Media plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1. • https://patchstack.com/database/vulnerability/bulk-resize-media/wordpress-bulk-resize-media-plugin-1-1-cross-site-request-forgery-csrf? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46866 – WordPress Import External Images Plugin <= 1.4 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2022-46866
16 Mar 2023 — The Import External Images plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4. • https://patchstack.com/database/vulnerability/import-external-images/wordpress-import-external-images-plugin-1-4-cross-site-request-forgery-csrf? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22673 – WordPress Website Monetization by MageNet Plugin <= 1.0.29.1 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-22673
16 Mar 2023 — The Website Monetization by MageNet plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.29.1. • https://patchstack.com/database/vulnerability/website-monetization-by-magenet/wordpress-website-monetization-by-magenet-plugin-1-0-29-1-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28419 – WordPress Force First and Last Name as Display Name Plugin <= 1.2 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-28419
16 Mar 2023 — The Force First and Last Name as Display Name plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2. • https://patchstack.com/database/vulnerability/force-first-last/wordpress-force-first-and-last-name-as-display-name-plugin-1-2-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28420 – WordPress Custom Options Plus Plugin <= 1.8.1 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-28420
16 Mar 2023 — The Custom Options Plus plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.1. • https://patchstack.com/database/vulnerability/custom-options-plus/wordpress-custom-options-plus-plugin-1-8-1-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-47445 – WordPress Be POPIA Compliant Plugin <= 1.2.0 is vulnerable to SQL Injection
https://notcve.org/view.php?id=CVE-2022-47445
15 Mar 2023 — The Be POPIA Compliant plugin for WordPress is vulnerable to SQL Injection via the 'check_id' parameter in versions up to, and including, 1.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on an existing SQL query. • https://patchstack.com/database/vulnerability/be-popia-compliant/wordpress-be-popia-compliant-plugin-1-2-0-sql-injection? • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-47446 – WordPress Store Locator Plugin <= 3.98.7 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2022-47446
15 Mar 2023 — Cross-Site Request Forgery (CSRF) vulnerability in Viadat Creations Store Locator for WordPress with Google Maps – LotsOfLocales plugin <= 3.98.7 versions. The Store Locator plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.98.7. ... Cross-Site Request Forgery (CSRF) vulnerability in Viadat Creations Store Locator for WordPress with Google Maps – LotsOfLocales plugin <= 3.98.7 versions. • https://patchstack.com/database/vulnerability/store-locator/wordpress-store-locator-for-wordpress-with-google-maps-lotsoflocales-plugin-3-98-7-cross-site-request-forgery-csrf? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28497 – WordPress Slideshow Gallery Plugin <= 1.7.6 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-28497
15 Mar 2023 — The Slideshow Gallery LITE plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.6. • https://patchstack.com/database/vulnerability/slideshow-gallery/wordpress-slideshow-gallery-lite-plugin-1-7-6-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24395 – WordPress Contact Form 7 Redirect & Thank You Page Plugin <= 1.0.3 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-24395
15 Mar 2023 — The Contact Form 7 Redirect & Thank You Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.3. • https://patchstack.com/database/vulnerability/cf7-redirect-thank-you-page/wordpress-contact-form-7-redirect-thank-you-page-plugin-1-0-3-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25055 – WordPress Google XML Sitemap for Videos Plugin <= 2.6.1 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-25055
15 Mar 2023 — The Google XML Sitemap for Videos plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.6.1. • https://patchstack.com/database/vulnerability/xml-sitemaps-for-videos/wordpress-google-xml-sitemap-for-videos-plugin-2-6-1-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •