CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46841 – WordPress Oxygen Builder Plugin < 4.4 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2022-46841
20 Jul 2023 — The Oxygen plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to 4.4. • https://patchstack.com/database/vulnerability/oxygen/wordpress-oxygen-builder-plugin-4-6-2-cross-site-request-forgery-csrf? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37991 – WordPress WP Emoji One Plugin <= 0.6.0 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-37991
19 Jul 2023 — The WP Emoji One plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.6.0. • https://patchstack.com/database/vulnerability/wp-emoji-one/wordpress-wp-emoji-one-plugin-0-6-0-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37992 – WordPress Smarty for WordPress Plugin <= 3.1.35 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-37992
19 Jul 2023 — Smarty for WordPress plugin <= 3.1.35 versions. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Smarty de PressPage Entertainment Inc. para WordPress en versiones <= 3.1.35. The Smarty for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.1.35. ... Smarty for WordPress plugin <= 3.1.35 versions. • https://patchstack.com/database/vulnerability/smarty-for-wordpress/wordpress-smarty-for-wordpress-plugin-3-1-35-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37996 – WordPress GTmetrix for WordPress Plugin <= 0.4.7 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-37996
19 Jul 2023 — Cross-Site Request Forgery (CSRF) vulnerability in GTmetrix GTmetrix for WordPress plugin <= 0.4.7 versions. Cross-Site Request Forgery (CSRF) vulnerability in GTmetrix GTmetrix for WordPress plugin <= 0.4.7 versions. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en GTmetrix GTmetrix para el complemento de WordPress en versiones <= 0.4.7. The GTmetrix for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and includi... • https://patchstack.com/database/vulnerability/gtmetrix-for-wordpress/wordpress-gtmetrix-for-wordpress-plugin-0-4-7-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25025 – WordPress WP-CopyProtect [Protect your blog posts] Plugin <= 3.1.0 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-25025
19 Jul 2023 — The WP-CopyProtect [Protect your blog posts] plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.1.0. • https://patchstack.com/database/vulnerability/wp-copyprotect/wordpress-wp-copyprotect-protect-your-blog-posts-plugin-3-1-0-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37985 – WordPress Five Star Restaurant Menu Plugin <= 2.4.6 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-37985
17 Jul 2023 — The Restaurant Menu and Food Ordering by Five Star Plugins plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4.6. • https://patchstack.com/database/vulnerability/food-and-drink-menu/wordpress-restaurant-menu-and-food-ordering-by-five-star-plugins-plugin-2-4-6-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2830 – WordPress WP Testimonials Plugin <= 1.4.2 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-2830
14 Jul 2023 — The WP Testimonials plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check in the tabs/index-widget-header.php file in versions up to, and including, 1.4.2. • https://patchstack.com/database/vulnerability/testimonial-widgets/wordpress-wp-testimonials-plugin-1-4-2-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37966 – WordPress User Activity Log Plugin <= 1.6.2 is vulnerable to SQL Injection
https://notcve.org/view.php?id=CVE-2023-37966
12 Jul 2023 — The User Activity Log plugin for WordPress is vulnerable to SQL Injection via several parameters like 'userrole', 'userip', 'username', and 'type' in versions up to, and including, 1.6.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query in the ual_user_activity_function() function. • https://patchstack.com/database/vulnerability/user-activity-log/wordpress-user-activity-log-plugin-1-6-2-sql-injection-vulnerability? • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37968 – WordPress Falang multilanguage Plugin <= 1.3.39 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-37968
12 Jul 2023 — Cross-Site Request Forgery (CSRF) vulnerability in Faboba Falang multilanguage for WordPress plugin <= 1.3.39 versions. The Falang multilanguage plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.39. ... Cross-Site Request Forgery (CSRF) vulnerability in Faboba Falang multilanguage for WordPress plugin <= 1.3.39 versions. • https://patchstack.com/database/vulnerability/falang/wordpress-falang-multilanguage-plugin-1-3-39-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37973 – WordPress Replace Word Plugin <= 2.1 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-37973
12 Jul 2023 — The Replace Word plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1. • https://patchstack.com/database/vulnerability/replace-word/wordpress-replace-word-plugin-2-1-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •