CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47671 – WordPress Vertical scroll recent post Plugin <= 14.0 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-47671
08 Nov 2023 — The Vertical scroll recent post plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 14.0. • https://patchstack.com/database/vulnerability/vertical-scroll-recent-post/wordpress-vertical-scroll-recent-post-plugin-14-0-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47672 – WordPress WP Category Post List Widget Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-47672
08 Nov 2023 — The WP Category Post List Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.3. • https://patchstack.com/database/vulnerability/wp-category-posts-list/wordpress-wp-category-post-list-widget-plugin-2-0-3-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38702 – WordPress WP CSV Exporter Plugin <= 2.0 is vulnerable to CSV Injection
https://notcve.org/view.php?id=CVE-2022-38702
07 Nov 2023 — Improper Neutralization of Formula Elements in a CSV File vulnerability in Nakashima Masahiro WP CSV Exporter.This issue affects WP CSV Exporter: from n/a through 2.0. Neutralización inadecuada de elementos de fórmula en una vulnerabilidad de archivo CSV en Nakashima Masahiro WP CSV Exporter. Este problema afecta a WP CSV Exporter: desde n/a hasta 2.0. • https://patchstack.com/database/vulnerability/wp-csv-exporter/wordpress-wp-csv-exporter-plugin-1-3-6-authenticated-csv-injection-vulnerability? • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47507 – WordPress Master Slider Pro Plugin <= 3.6.5 is vulnerable to PHP Object Injection
https://notcve.org/view.php?id=CVE-2023-47507
07 Nov 2023 — The Master Slider Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.6.5 via deserialization of untrusted input. • https://patchstack.com/database/vulnerability/masterslider/wordpress-master-slider-pro-plugin-3-6-5-php-object-injection-vulnerability? • CWE-502: Deserialization of Untrusted Data •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47519 – WordPress WooCommerce Product Table Lite Plugin <= 2.6.2 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-47519
07 Nov 2023 — The WooCommerce Product Table Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.6.2. • https://patchstack.com/database/vulnerability/wc-product-table-lite/wordpress-woocommerce-product-table-lite-plugin-2-6-2-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47531 – WordPress Droit Dark Mode Plugin <= 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-47531
07 Nov 2023 — The Droit Dark Mode plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. • https://patchstack.com/database/vulnerability/droit-dark-mode/wordpress-droit-dark-mode-plugin-1-1-2-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47551 – WordPress Donations Made Easy – Smart Donations Plugin <= 4.0.12 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-47551
07 Nov 2023 — The Donations Made Easy – Smart Donations plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.0.12. • https://patchstack.com/database/vulnerability/smart-donations/wordpress-donations-made-easy-smart-donations-plugin-4-0-12-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47552 – WordPress Image Hover Effects Plugin <= 5.5 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-47552
07 Nov 2023 — Cross-Site Request Forgery (CSRF) vulnerability in Labib Ahmed Image Hover Effects – WordPress Plugin.This issue affects Image Hover Effects – WordPress Plugin: from n/a through 5.5. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Labib Ahmed Image Hover Effects – WordPress Plugin. Este problema afecta a Image Hover Effects – WordPress Plugin: desde n/a hasta 5.5. The Image Hover Effects plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up... • https://patchstack.com/database/vulnerability/image-hover-effects/wordpress-image-hover-effects-plugin-5-5-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47553 – WordPress UserHeat Plugin Plugin <= 1.1.6 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-47553
07 Nov 2023 — The UserHeat Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.6. • https://patchstack.com/database/vulnerability/userheat/wordpress-userheat-plugin-plugin-1-1-6-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47556 – WordPress Device Theme Switcher Plugin <= 3.0.2 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-47556
07 Nov 2023 — The Plugin Name: Device Theme Switcher plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.2. • https://patchstack.com/database/vulnerability/device-theme-switcher/wordpress-plugin-name-device-theme-switcher-plugin-3-0-2-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •