CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45651 – WordPress WP Attachments Plugin <= 5.0.11 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-45651
12 Oct 2023 — The WP Attachments plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.11. • https://patchstack.com/database/vulnerability/wp-attachments/wordpress-wp-attachments-plugin-5-0-6-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45653 – WordPress Video Playlist For YouTube Plugin <= 6.0 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-45653
12 Oct 2023 — The Video Playlist For YouTube plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.1. • https://patchstack.com/database/vulnerability/video-playlist-for-youtube/wordpress-video-playlist-for-youtube-plugin-6-0-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45654 – WordPress Comments Ratings Plugin <= 1.1.7 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-45654
12 Oct 2023 — The Comments Ratings plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.7. • https://patchstack.com/database/vulnerability/comments-ratings/wordpress-comments-ratings-plugin-1-1-7-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45655 – WordPress PixFields Plugin <= 0.7.0 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-45655
12 Oct 2023 — The PixFields plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.7.0. • https://patchstack.com/database/vulnerability/pixfields/wordpress-pixfields-plugin-0-7-0-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45656 – WordPress Lazy Load for Videos Plugin <= 2.18.2 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-45656
12 Oct 2023 — The Lazy Load for Videos plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.2. • https://patchstack.com/database/vulnerability/lazy-load-for-videos/wordpress-lazy-load-for-videos-plugin-2-18-2-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-45657 – WordPress Nexter Theme <= 2.0.3 is vulnerable to SQL Injection
https://notcve.org/view.php?id=CVE-2023-45657
12 Oct 2023 — The Nexter theme for WordPress is vulnerable to SQL Injection via the 'to' and 'from' parameters in versions up to, and including, 2.0.3 due to insufficient escaping on the user supplied parameter and lack of valid preparation on the existing SQL query. • https://patchstack.com/database/vulnerability/nexter/wordpress-nexter-theme-2-0-3-sql-injection-vulnerability? • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45748 – WordPress MailChimp Forms by MailMunch Plugin <= 3.1.4 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-45748
12 Oct 2023 — The MailChimp Forms by MailMunch plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.1.7. • https://patchstack.com/database/vulnerability/mailchimp-forms-by-mailmunch/wordpress-mailchimp-forms-by-mailmunch-plugin-3-1-4-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45749 – WordPress AGP Font Awesome Collection Plugin <= 3.2.4 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-45749
12 Oct 2023 — The AGP Font Awesome Collection plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.2.4. • https://patchstack.com/database/vulnerability/agp-font-awesome-collection/wordpress-agp-font-awesome-collection-plugin-3-2-4-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45752 – WordPress Post Gallery Plugin <= 2.3.12 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-45752
12 Oct 2023 — The Post Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.3.12. • https://patchstack.com/database/vulnerability/simple-post-gallery/wordpress-post-gallery-plugin-2-3-12-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45753 – WordPress which template file Plugin <= 4.6.0 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-45753
12 Oct 2023 — The which template file plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.8.0. • https://patchstack.com/database/vulnerability/which-template-file/wordpress-which-template-file-plugin-4-6-0-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •