CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25066 – WordPress FV Flowplayer Video Player Plugin <= 7.5.30.7212 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-25066
02 Feb 2023 — The FV Flowplayer Video Player plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 7.5.30.7210. • https://patchstack.com/database/vulnerability/fv-wordpress-flowplayer/wordpress-fv-flowplayer-video-player-plugin-7-5-30-7212-cross-site-request-forgery-csrf? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45350 – WordPress Simple History Plugin <= 3.3.1 is vulnerable to CSV Injection
https://notcve.org/view.php?id=CVE-2022-45350
02 Feb 2023 — The Simple History plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 3.3.1. • https://patchstack.com/database/vulnerability/simple-history/wordpress-simple-history-plugin-3-3-1-csv-injection-vulnerability? • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45357 – WordPress 1003 Mortgage Application Plugin <= 1.75 is vulnerable to CSV Injection
https://notcve.org/view.php?id=CVE-2022-45357
02 Feb 2023 — The 1003 Mortgage Application plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.75. • https://patchstack.com/database/vulnerability/1003-mortgage-application/wordpress-1003-mortgage-application-plugin-1-73-csv-injection? • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45360 – WordPress Commenter Emails Plugin <= 2.6.1 is vulnerable to CSV Injection
https://notcve.org/view.php?id=CVE-2022-45360
02 Feb 2023 — The Commenter Emails plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 2.6.1. • https://patchstack.com/database/vulnerability/commenter-emails/wordpress-commenter-emails-plugin-2-6-1-csv-injection? • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45376 – WordPress Side Cart Woocommerce (Ajax) Plugin < 2.1 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2022-45376
02 Feb 2023 — The Side Cart Woocommerce (Ajax) plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions before 2.1. • https://patchstack.com/database/vulnerability/side-cart-woocommerce/wordpress-side-cart-woocommerce-ajax-plugin-2-1-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-44738 – WordPress Posts and Users Stats Plugin <= 1.1.3 is vulnerable to CSV Injection
https://notcve.org/view.php?id=CVE-2022-44738
02 Feb 2023 — The Posts and Users Stats plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.1.3. • https://patchstack.com/database/vulnerability/posts-and-users-stats/wordpress-posts-and-users-stats-plugin-1-1-3-csv-injection-vulnerability? • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45076 – WordPress Flexible Elementor Panel Plugin <= 2.3.8 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2022-45076
02 Feb 2023 — The Flexible Elementor Panel plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.3.8. • https://patchstack.com/database/vulnerability/flexible-elementor-panel/wordpress-flexible-elementor-panel-plugin-2-3-8-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22689 – WordPress Auto Affiliate Links Plugin <= 6.3 is vulnerable to Broken Access Control
https://notcve.org/view.php?id=CVE-2023-22689
02 Feb 2023 — The Auto Affiliate Links plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.3.0.1. • https://patchstack.com/database/vulnerability/wp-auto-affiliate-links/wordpress-auto-affiliate-links-plugin-6-3-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24419 – WordPress Formidable Forms Plugin <= 5.5.6 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-24419
01 Feb 2023 — The Formidable Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.5.6. • https://patchstack.com/database/vulnerability/formidable/wordpress-formidable-forms-plugin-5-5-6-cross-site-request-forgery-csrf? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24414 – WordPress Robo Gallery Plugin <= 3.2.11 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-24414
30 Jan 2023 — The Robo Gallery Plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.2.11. • https://patchstack.com/database/vulnerability/robo-gallery/wordpress-photo-gallery-images-slider-in-rbs-image-gallery-plugin-3-2-11-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •