Total
6080 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-18544 | 1 Invite Anyone Project | 1 Invite Anyone | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF. | |||||
| CVE-2017-18523 | 1 Eelv Newsletter Project | 1 Eelv Newsletter | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The eelv-newsletter plugin before 4.6.1 for WordPress has CSRF in the address book. | |||||
| CVE-2017-18521 | 1 Wp-kama | 1 Democracy Poll | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The democracy-poll plugin before 5.4 for WordPress has CSRF via wp-admin/options-general.php?page=democracy-poll&subpage=l10n. | |||||
| CVE-2017-18513 | 1 Expresstech | 1 Responsive Menu | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface. | |||||
| CVE-2017-18512 | 1 Supsystic | 1 Newsletter By Supsystic | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The newsletter-by-supsystic plugin before 1.1.8 for WordPress has CSRF. | |||||
| CVE-2017-18511 | 1 Wpmudev | 1 Custom Sidebars | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The custom-sidebars plugin before 3.0.8.1 for WordPress has CSRF. | |||||
| CVE-2017-18510 | 1 Wpmudev | 1 Custom Sidebars | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The custom-sidebars plugin before 3.1.0 for WordPress has CSRF related to set location, import actions, and export actions. | |||||
| CVE-2017-18504 | 1 Wpdeveloper | 1 Twitter Cards Meta | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The twitter-cards-meta plugin before 2.5.0 for WordPress has CSRF. | |||||
| CVE-2017-18485 | 1 Elementalpath | 2 Cognitoys Dino, Cognitoys Dino Firmware | 2024-11-21 | 5.8 MEDIUM | 5.4 MEDIUM |
| Cognitoys Dino devices allow profiles_add.html CSRF. | |||||
| CVE-2017-18366 | 1 Intelliants | 1 Subrion Cms | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Subrion CMS 4.1.5 has CSRF in blog/delete/. | |||||
| CVE-2017-18107 | 1 Atlassian | 1 Crowd | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Various resources in the Crowd Demo application of Atlassian Crowd before version 3.1.1 allow remote attackers to modify add, modify and delete users & groups via a Cross-site request forgery (CSRF) vulnerability. Please be aware that the Demo application is not enabled by default. | |||||
| CVE-2017-18080 | 1 Atlassian | 1 Bamboo | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The saveConfigureSecurity resource in Atlassian Bamboo before version 6.3.1 allows remote attackers to modify security settings via a Cross-site request forgery (CSRF) vulnerability. | |||||
| CVE-2017-18042 | 1 Atlassian | 1 Bamboo | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The update user administration resource in Atlassian Bamboo before version 6.3.1 allows remote attackers to modify user data including passwords via a Cross-site request forgery (CSRF) vulnerability. | |||||
| CVE-2017-18033 | 1 Atlassian | 1 Jira | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| The Jira-importers-plugin in Atlassian Jira before version 7.6.1 allows remote attackers to create new projects and abort an executing external system import via various Cross-site request forgery (CSRF) vulnerabilities. | |||||
| CVE-2017-17990 | 1 Iwcnetwork | 1 Biometric Shift Employee Management System | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action. | |||||
| CVE-2017-17982 | 1 Muslim Matrimonial Script Project | 1 Muslim Matrimonial Script | 2024-11-21 | 6.0 MEDIUM | 6.8 MEDIUM |
| PHP Scripts Mall Muslim Matrimonial Script has CSRF via admin/subadmin_edit.php. | |||||
| CVE-2017-17960 | 1 Php Multivendor Ecommerce Project | 1 Php Multivendor Ecommerce | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php. | |||||
| CVE-2017-17939 | 1 Single Theater Booking Script Project | 1 Single Theater Booking Script | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| PHP Scripts Mall Single Theater Booking has CSRF via admin/sitesettings.php. | |||||
| CVE-2017-17936 | 1 Vanguard Project | 1 Marketplace Digital Products Php | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Vanguard Marketplace Digital Products PHP has CSRF via /search. | |||||
| CVE-2017-17930 | 1 Ordermanagementscript | 1 Professional Service Script | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| PHP Scripts Mall Professional Service Script has CSRF via admin/general_settingupd.php, as demonstrated by modifying a setting in the user panel. | |||||