CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46794 – WordPress WooCommerce Weight Based Shipping Plugin <= 5.4.1 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2022-46794
13 Mar 2023 — The WooCommerce Weight Based Shipping plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.1. • https://patchstack.com/database/vulnerability/weight-based-shipping-for-woocommerce/wordpress-woocommerce-weight-based-shipping-plugin-5-4-1-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28154 – webpack JS package <= 5.75.0 - Sandbox Bypass
https://notcve.org/view.php?id=CVE-2023-28154
13 Mar 2023 — Some WordPress plugins and themes use this dependency, however, are not vulnerable to exploitation. • https://github.com/webpack/webpack/compare/v5.75.0...v5.76.0 • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28172 – WordPress WP Google Map Plugin Plugin <= 4.4.2 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-28172
13 Mar 2023 — Cross-Site Request Forgery (CSRF) vulnerability in flippercode WordPress Plugin for Google Maps – WP MAPS (formerly WP Google Map Plugin) plugin <= 4.4.2 versions. Cross-Site Request Forgery (CSRF) vulnerability in flippercode WordPress Plugin for Google Maps – WP MAPS (formerly WP Google Map Plugin) plugin <= 4.4.2 versions. Vulnerabilidad de Cross-Site Request Forgery (CSRF) de flippercode en el complemento WordPress Plugin for Google Maps – WP MAPS (formerly WP Google Map Plugin) en ... • https://patchstack.com/database/vulnerability/wp-google-map-plugin/wordpress-wp-maps-plugin-4-4-2-cross-site-request-forgery-csrf? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27611 – WordPress Reusable Blocks Extended Plugin <= 0.9 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-27611
13 Mar 2023 — The Reusable Blocks Extended plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.9. • https://patchstack.com/database/vulnerability/reusable-blocks-extended/wordpress-reusable-blocks-extended-plugin-0-9-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27634 – WordPress Intrepidity Theme <= 1.5.1 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-27634
13 Mar 2023 — The Intrepidity theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.1. • https://patchstack.com/database/vulnerability/intrepidity/wordpress-intrepidity-theme-1-5-1-cross-site-request-forgery-csrf? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27423 – WordPress Auto Prune Posts Plugin <= 1.8.0 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-27423
10 Mar 2023 — The Auto Prune Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.0. • https://patchstack.com/database/vulnerability/auto-prune-posts/wordpress-auto-prune-posts-plugin-1-8-0-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27430 – WordPress Mass Delete Unused Tags Plugin <= 2.0.0 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-27430
10 Mar 2023 — The Mass Delete Unused Tags plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.0. • https://patchstack.com/database/vulnerability/mass-delete-unused-tags/wordpress-mass-delete-unused-tags-plugin-2-0-0-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23802 – WordPress HT Easy GA4 ( Google Analytics 4 ) Plugin <= 1.0.6 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-23802
08 Mar 2023 — The HT Easy GA4 ( Google Analytics 4 ) plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.6. • https://patchstack.com/database/vulnerability/ht-easy-google-analytics/wordpress-ht-easy-ga4-google-analytics-4-plugin-1-0-6-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25449 – WordPress CformsII Plugin <=15.0.4 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-25449
08 Mar 2023 — The cformsII plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 15.0.4. • https://patchstack.com/database/vulnerability/cforms2/wordpress-cformsii-plugin-15-0-4-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25450 – WordPress GiveWP Plugin <= 2.25.1 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-25450
08 Mar 2023 — The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.25.1. • https://patchstack.com/database/vulnerability/give/wordpress-givewp-plugin-2-25-1-cross-site-request-forgery-csrf-via-give-cache-flush-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •