CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-26531 – WordPress 多合一搜索自动推送管理插件-支持Baidu/Google/Bing/IndexNow/Yandex/头条 Plugin <= 4.2.7 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-26531
24 Feb 2023 — The 多合一搜索自动推送管理插件-支持Baidu/Google/Bing/IndexNow/Yandex/头条 plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.2.5. • https://patchstack.com/database/vulnerability/baidu-submit-link/wordpress-baidu-google-bing-indexnow-yandex-plugin-4-2-1-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-26542 – WordPress phpinfo() WP Plugin <= 4.0 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-26542
24 Feb 2023 — The phpinfo() WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.0. • https://patchstack.com/database/vulnerability/phpinfo-wp/wordpress-phpinfo-wp-plugin-3-0-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23861 – WordPress GMAce Plugin <= 1.5.2 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-23861
23 Feb 2023 — The GMAce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.2. • https://patchstack.com/database/vulnerability/gmace/wordpress-gmace-plugin-1-5-2-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24007 – WordPress Admin Block Country Plugin <= 7.1.4 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-24007
23 Feb 2023 — The Admin Block Country plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 7.1.4. • https://patchstack.com/database/vulnerability/admin-block-country/wordpress-admin-block-country-plugin-7-1-4-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25038 – WordPress For the visually impaired Plugin <= 0.58 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-25038
23 Feb 2023 — The For the visually impaired plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.58. • https://patchstack.com/database/vulnerability/for-the-visually-impaired/wordpress-for-the-visually-impaired-plugin-0-58-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25985 – WordPress WordPress Tooltips Plugin <= 8.2.5 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-25985
23 Feb 2023 — Cross-Site Request Forgery (CSRF) vulnerability in Tomas | Docs | FAQ | Premium Support WordPress Tooltips.This issue affects WordPress Tooltips: from n/a through 8.2.5. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Tomas | Docs | FAQ | Premium Support WordPress Tooltips. Este problema afecta a WordPress Tooltips: desde n/a hasta 8.2.5. The WordPress Tooltips plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, ... • https://patchstack.com/database/vulnerability/wordpress-tooltips/wordpress-wordpress-tooltips-plugin-8-2-5-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25987 – WordPress YouTube Channel Plugin <= 3.23.3 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-25987
23 Feb 2023 — The My YouTube Channel plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.23.3. • https://patchstack.com/database/vulnerability/youtube-channel/wordpress-my-youtube-channel-plugin-3-23-3-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45805 – WordPress Paytm Payment Gateway Plugin <= 2.7.3 is vulnerable to SQL Injection
https://notcve.org/view.php?id=CVE-2022-45805
22 Feb 2023 — The Paytm Payment Gateway plugin for WordPress is vulnerable to generic SQL Injection via the ‘post’ parameter in versions up to, and including, 2.7.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. • https://patchstack.com/database/vulnerability/paytm-payments/wordpress-paytm-payment-gateway-plugin-2-7-3-auth-sql-injection-sqli-vulnerability? • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25967 – WordPress Community by PeepSo Plugin <= 6.0.2.0 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-25967
22 Feb 2023 — The Community by PeepSo plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.0.2.0. • https://patchstack.com/database/vulnerability/peepso-core/wordpress-community-by-peepso-social-network-membership-registration-user-profiles-plugin-6-0-2-0-cross-site-request-forgery-csrf? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25968 – WordPress Client Portal – Private user pages and login Plugin <= 1.1.8 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-25968
22 Feb 2023 — The Client Portal – Private user pages and login plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.8. • https://patchstack.com/database/vulnerability/client-portal/wordpress-client-portal-plugin-1-1-8-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •