CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41633 – WordPress Community by PeepSo Plugin <= 6.0.2.0 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2022-41633
20 Feb 2023 — The Community by PeepSo plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.0.2.0. • https://patchstack.com/database/vulnerability/peepso-core/wordpress-community-by-peepso-plugin-6-0-2-0-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25986 – WordPress PayGreen Plugin <= 4.10.2 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-25986
20 Feb 2023 — The PayGreen – Ancienne version plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.10.2. • https://patchstack.com/database/vulnerability/paygreen-woocommerce/wordpress-paygreen-plugin-4-10-2-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25994 – WordPress Publish to Schedule Plugin <= 4.4.2 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-25994
20 Feb 2023 — The Publish to Schedule plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.4.2. • https://patchstack.com/database/vulnerability/publish-to-schedule/wordpress-publish-to-schedule-plugin-4-4-2-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-26326 – BuddyForms <= 2.7.7 - PHAR Deserialization
https://notcve.org/view.php?id=CVE-2023-26326
20 Feb 2023 — The BuddyForms WordPress plugin, in versions prior to 2.7.8, was affected by an unauthenticated insecure deserialization issue. ... The BuddyForms plugin for WordPress is vulnerable to deserialization of untrusted input via the 'url' parameter in versions up to, and including 2.7.7. • https://www.tenable.com/security/research/tra-2023-7 • CWE-502: Deserialization of Untrusted Data •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25991 – WordPress RegistrationMagic Plugin <= 5.1.9.2 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-25991
17 Feb 2023 — The RegistrationMagic plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.9.2. • https://patchstack.com/database/vulnerability/custom-registration-form-builder-with-submission-manager/wordpress-registrationmagic-custom-registration-forms-user-registration-and-user-login-plugin-plugin-5-1-9-2-multiple-cross-site-request-forgery-csrf? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23706 – WordPress WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Plugin <= 7.5.14 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-23706
15 Feb 2023 — Cross-Site Request Forgery (CSRF) vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.5.14 versions. Cross-Site Request Forgery (CSRF) vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.5.14 versions. The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to,... • https://patchstack.com/database/vulnerability/miniorange-login-openid/wordpress-wordpress-social-login-and-register-discord-google-twitter-linkedin-plugin-7-5-14-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23724 – WordPress WordPress Email Marketing Plugin – WP Email Capture Plugin <= 3.9.3 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-23724
15 Feb 2023 — The WordPress Email Marketing Plugin – WP Email Capture plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.9.3. • https://patchstack.com/database/vulnerability/wp-email-capture/wordpress-wordpress-email-marketing-plugin-wp-email-capture-plugin-3-9-3-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25448 – WordPress Archivist – Custom Archive Templates Plugin <= 1.7.4 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-25448
15 Feb 2023 — The Archivist – Custom Archive Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.4. • https://patchstack.com/database/vulnerability/archivist-custom-archive-templates/wordpress-archivist-custom-archive-templates-plugin-1-7-4-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25481 – WordPress Podlove Subscribe button Plugin <= 1.3.7 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-25481
15 Feb 2023 — The Podlove Subscribe button plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.7. • https://patchstack.com/database/vulnerability/podlove-subscribe-button/wordpress-podlove-subscribe-button-plugin-1-3-7-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25707 – WordPress VikBooking Hotel Booking Engine & PMS Plugin <= 1.5.12 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-25707
15 Feb 2023 — The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.12. • https://patchstack.com/database/vulnerability/vikbooking/wordpress-vikbooking-hotel-booking-engine-pms-plugin-1-5-12-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •