CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-47135 – WordPress Chronoforms Plugin <= 7.0.9 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2022-47135
14 Mar 2023 — The Chronoforms plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 7.0.9. • https://patchstack.com/database/vulnerability/chronoforms/wordpress-chronoforms-plugin-7-0-9-cross-site-request-forgery-csrf? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-47138 – WordPress LOGIN AND REGISTRATION ATTEMPTS LIMIT Plugin <= 2.1 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2022-47138
14 Mar 2023 — The LOGIN AND REGISTRATION ATTEMPTS LIMIT plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1. • https://patchstack.com/database/vulnerability/login-attempts-limit-wp/wordpress-login-and-registration-attempts-limit-plugin-2-1-cross-site-request-forgery-csrf? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-47139 – WordPress WP Basic Elements Plugin <= 5.2.15 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2022-47139
14 Mar 2023 — The WP Basic Elements plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.2.15. • https://patchstack.com/database/vulnerability/wp-basic-elements/wordpress-wp-basic-elements-plugin-5-2-15-cross-site-request-forgery-csrf? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-47447 – WordPress WP-Advanced-Search Plugin <= 3.3.8 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2022-47447
14 Mar 2023 — Cross-Site Request Forgery (CSRF) vulnerability in Mathieu Chartier WordPress WP-Advanced-Search plugin <= 3.3.8 versions. The WP-Advanced-Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.3.8. ... Cross-Site Request Forgery (CSRF) vulnerability in Mathieu Chartier WordPress WP-Advanced-Search plugin <= 3.3.8 versions. • https://patchstack.com/database/vulnerability/wp-advanced-search/wordpress-wp-advanced-search-plugin-3-3-8-cross-site-request-forgery-csrf? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-47448 – WordPress xili-tidy-tags Plugin <= 1.12.03 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2022-47448
14 Mar 2023 — The xili-tidy-tags plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.12.03. • https://patchstack.com/database/vulnerability/xili-tidy-tags/wordpress-xili-tidy-tags-plugin-1-12-03-cross-site-request-forgery-csrf? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28167 – WordPress CF7 Invisible reCAPTCHA Plugin <= 1.3.3 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-28167
14 Mar 2023 — The CF7 Invisible reCAPTCHA plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.3. • https://patchstack.com/database/vulnerability/cf7-invisible-recaptcha/wordpress-cf7-invisible-recaptcha-plugin-1-3-3-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28173 – WordPress Google XML Sitemap for Images Plugin <= 2.1.3 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-28173
14 Mar 2023 — The Google XML Sitemap for Images plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.3. • https://patchstack.com/database/vulnerability/google-image-sitemap/wordpress-google-xml-sitemap-for-images-plugin-2-1-3-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27633 – WordPress Customify Plugin <= 2.10.4 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-27633
14 Mar 2023 — The Customify plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.10.4. • https://patchstack.com/database/vulnerability/customify/wordpress-customify-plugin-2-10-4-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-47180 – WordPress Kopa Framework Plugin <= 1.3.5 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2022-47180
13 Mar 2023 — The Kopa Framework plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.5. • https://patchstack.com/database/vulnerability/kopatheme/wordpress-kopa-framework-plugin-1-3-5-cross-site-request-forgery-csrf? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0820 – User Role by BestWebSoft < 1.6.7 - Privilege Escalation via CSRF
https://notcve.org/view.php?id=CVE-2023-0820
13 Mar 2023 — The User Role by BestWebSoft WordPress plugin before 1.6.7 does not protect against CSRF in requests to update role capabilities, leading to arbitrary privilege escalation of any role. The User Role by BestWebSoft plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.6. • https://wpscan.com/vulnerability/b93d9f9d-0fd9-49b8-b465-d32b95351912 • CWE-352: Cross-Site Request Forgery (CSRF) •