CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47806 – WordPress Disable User Login Plugin <= 1.3.7 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-47806
15 Nov 2023 — The Disable User Login plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.8. • https://patchstack.com/database/vulnerability/disable-user-login/wordpress-disable-user-login-plugin-1-3-7-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47765 – WordPress CodeBard's Patron Button and Widgets for Patreon Plugin <= 2.1.9 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-47765
14 Nov 2023 — The CodeBard's Patron Button and Widgets for Patreon plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.9. • https://patchstack.com/database/vulnerability/patron-button-and-widgets-by-codebard/wordpress-codebard-s-patron-button-and-widgets-for-patreon-plugin-2-1-9-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47775 – WordPress wpDiscuz Plugin <= 7.6.11 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-47775
14 Nov 2023 — The wpDiscuz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 7.6.11. • https://patchstack.com/database/vulnerability/wpdiscuz/wordpress-wpdiscuz-plugin-7-6-11-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47781 – WordPress Thrive Theme Builder Theme < 3.24.2 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-47781
14 Nov 2023 — The Thrive Theme Builder theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions prior to 3.24.2. • https://patchstack.com/database/vulnerability/thrive-theme/wordpress-thrive-theme-builder-theme-3-20-1-cross-site-request-forgery-csrf-to-account-takeover-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47785 – WordPress LayerSlider Plugin <= 7.7.9 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-47785
14 Nov 2023 — The LayerSlider plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 7.7.9. • https://patchstack.com/database/vulnerability/layerslider/wordpress-layerslider-plugin-7-7-9-multiple-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47787 – WordPress WooCommerce Bookings Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-47787
14 Nov 2023 — The WooCommerce Bookings plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.3. • https://patchstack.com/database/vulnerability/woocommerce-bookings/wordpress-woocommerce-bookings-plugin-2-0-3-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47789 – WordPress WooCommerce Canada Post Shipping Plugin <= 2.8.3 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-47789
14 Nov 2023 — The WooCommerce Canada Post Shipping plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.8.3. • https://patchstack.com/database/vulnerability/woocommerce-shipping-canada-post/wordpress-woocommerce-canada-post-shipping-plugin-2-8-3-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47792 – WordPress Big File Uploads Plugin <= 2.1.1 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-47792
14 Nov 2023 — The Big File Uploads plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.1. • https://patchstack.com/database/vulnerability/tuxedo-big-file-uploads/wordpress-big-file-uploads-plugin-2-1-1-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47754 – WordPress Delete Duplicate Posts Plugin <= 4.8.9 is vulnerable to Broken Access Control
https://notcve.org/view.php?id=CVE-2023-47754
13 Nov 2023 — The Delete Duplicate Posts plugin for WordPress is vulnerable to unauthorized deletion of data due to a missing capability check on some of its AJAX actions in all versions up to 4.9 (exclusive). • https://patchstack.com/database/vulnerability/delete-duplicate-posts/wordpress-delete-duplicate-posts-plugin-4-8-9-broken-access-control-vulnerability? • CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47758 – WordPress Multi Step Form Plugin <= 1.7.11 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-47758
13 Nov 2023 — The Multi Step Form plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.12. • https://patchstack.com/database/vulnerability/multi-step-form/wordpress-multi-step-form-plugin-1-7-11-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •