CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48323 – WordPress Awesome Support Plugin <= 6.1.4 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-48323
23 Nov 2023 — Cross-Site Request Forgery (CSRF) vulnerability in Awesome Support Team Awesome Support – WordPress HelpDesk & Support Plugin allows Cross Site Request Forgery.This issue affects Awesome Support – WordPress HelpDesk & Support Plugin: from n/a through 6.1.4. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Awesome Support Team Awesome Support – WordPress HelpDesk & Support Plugin permite Cross Site Request Forgery. Este problema afecta a Awesome Support – WordPress HelpD... • https://patchstack.com/database/vulnerability/awesome-support/wordpress-awesome-support-wordpress-helpdesk-support-plugin-plugin-6-1-4-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48328 – WordPress NextGEN Gallery Plugin <= 3.37 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-48328
23 Nov 2023 — Cross-Site Request Forgery (CSRF) vulnerability in Imagely WordPress Gallery Plugin – NextGEN Gallery allows Cross Site Request Forgery.This issue affects WordPress Gallery Plugin – NextGEN Gallery: from n/a through 3.37. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Imagely WordPress Gallery Plugin – NextGEN Gallery permite Cross-Site Request Forgery. Este problema afecta a WordPress Gallery Plugin – NextGEN Gallery: desde n/a hasta 3.37. The NextGEN Gallery plugin for ... • https://patchstack.com/database/vulnerability/nextgen-gallery/wordpress-wordpress-gallery-plugin-nextgen-gallery-plugin-3-37-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48330 – WordPress Bulk Comment Remove Plugin <= 2 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-48330
23 Nov 2023 — The Bulk Comment Remove plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2. • https://patchstack.com/database/vulnerability/bulk-comment-remove/wordpress-bulk-comment-remove-plugin-2-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48331 – WordPress MyBookTable Bookstore Plugin <= 3.3.4 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-48331
23 Nov 2023 — The MyBookTable Bookstore plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.3.3. • https://patchstack.com/database/vulnerability/mybooktable/wordpress-mybooktable-bookstore-by-stormhill-media-plugin-3-3-3-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48334 – WordPress League Table Plugin <= 1.13 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-48334
23 Nov 2023 — The League Table plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.13. • https://patchstack.com/database/vulnerability/league-table-lite/wordpress-league-table-plugin-1-13-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-6137 – WordPress Frontier Post Plugin <= 6.1 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-6137
23 Nov 2023 — The Frontier Post plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.1. • https://patchstack.com/database/vulnerability/frontier-post/wordpress-frontier-post-plugin-6-1-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48282 – WordPress Taxonomy filter Plugin <= 2.2.9 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-48282
23 Nov 2023 — The Taxonomy filter plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.2.9. • https://patchstack.com/database/vulnerability/taxonomy-filter/wordpress-taxonomy-filter-plugin-2-2-9-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48738 – WordPress Porto Theme - Functionality Plugin < 2.12.1 is vulnerable to SQL Injection
https://notcve.org/view.php?id=CVE-2023-48738
23 Nov 2023 — The Porto Theme - Functionality plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 2.11.1 due to insufficient escaping on a user supplied parameter and lack of sufficient preparation on an existing SQL query. • https://patchstack.com/database/vulnerability/porto-functionality/wordpress-porto-theme-functionality-plugin-2-11-1-unauthenticated-sql-injection-vulnerability? • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47875 – WordPress Perfmatters Plugin <= 2.1.6 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-47875
21 Nov 2023 — The Perfmatters plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.6. • https://patchstack.com/database/vulnerability/perfmatters/wordpress-perfmatters-plugin-2-1-6-multiple-cross-site-request-forgery-csrf-vulnerabilities? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2497 – UserPro <= 5.1.0 - Cross-Site Request Forgery to PHP Object Injection
https://notcve.org/view.php?id=CVE-2023-2497
21 Nov 2023 — The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.0. ... El complemento UserPro para WordPress es vulnerable a la Cross-Site Request Forgery en versiones hasta la 5.1.0 incluida. • https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681 • CWE-352: Cross-Site Request Forgery (CSRF) •