Total
6078 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10962 | 1 Icegram | 1 Icegram Engage | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php option_name parameter. | |||||
| CVE-2016-10946 | 1 Wp-d3 Project | 1 Wp-d3 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The wp-d3 plugin before 2.4.1 for WordPress has CSRF. | |||||
| CVE-2016-10945 | 1 Pagelines | 1 Pagelines | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The PageLines theme 1.1.4 for WordPress has wp-admin/admin-post.php?page=pagelines CSRF. | |||||
| CVE-2016-10944 | 1 Wpmaz | 1 Multisite Post Duplicator | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The multisite-post-duplicator plugin before 1.1.3 for WordPress has wp-admin/tools.php?page=mpd CSRF. | |||||
| CVE-2016-10938 | 1 Copy-me Project | 1 Copy-me | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| The copy-me plugin 1.0.0 for WordPress has CSRF for copying non-public posts to a public location. | |||||
| CVE-2016-10918 | 1 Supsystic | 1 Photo Gallery | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The gallery-by-supsystic plugin before 1.8.6 for WordPress has CSRF. | |||||
| CVE-2016-10915 | 1 Supsystic | 1 Popup | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The popup-by-supsystic plugin before 1.7.9 for WordPress has CSRF. | |||||
| CVE-2016-10914 | 1 Add From Server Project | 1 Add From Server | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The add-from-server plugin before 3.3.2 for WordPress has CSRF for importing a large file. | |||||
| CVE-2016-10903 | 1 Godaddy | 1 Godaddy Email Marketing | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The GoDaddy godaddy-email-marketing-sign-up-forms plugin before 1.1.3 for WordPress has CSRF. | |||||
| CVE-2016-10902 | 1 Gowebsolutions | 1 Wp Customer Reviews | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The wp-customer-reviews plugin before 3.0.9 for WordPress has CSRF in the admin tools. | |||||
| CVE-2016-10885 | 1 Benjaminrojas | 1 Wp Editor | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The wp-editor plugin before 1.2.6 for WordPress has CSRF. | |||||
| CVE-2016-10884 | 1 Simple-membership-plugin | 1 Simple Membership | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The simple-membership plugin before 3.3.3 for WordPress has multiple CSRF issues. | |||||
| CVE-2016-10883 | 1 Mijnpress | 1 Simple Add Pages Or Posts | 2024-11-21 | 5.8 MEDIUM | 6.5 MEDIUM |
| The simple-add-pages-or-posts plugin before 1.7 for WordPress has CSRF for deleting users. | |||||
| CVE-2016-10882 | 1 Google Doc Embedder Project | 1 Google Doc Embedder | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The google-document-embedder plugin before 2.6.2 for WordPress has CSRF. | |||||
| CVE-2016-10876 | 1 Wpseeds | 1 Wp Database Backup | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The wp-database-backup plugin before 4.3.1 for WordPress has CSRF. | |||||
| CVE-2016-10874 | 1 Wpseeds | 1 Wp Database Backup | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The wp-database-backup plugin before 4.3.3 for WordPress has CSRF. | |||||
| CVE-2016-10865 | 1 23systems | 1 Lightbox Plus Colorbox | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Lightbox Plus Colorbox plugin through 2.7.2 for WordPress has cross-site request forgery (CSRF) via wp-admin/admin.php?page=lightboxplus, as demonstrated by resultant width XSS. | |||||
| CVE-2016-10863 | 1 Edimax | 4 7237rpd, 7237rpd Firmware, Ew-7438rpn Mini and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Edimax Wi-Fi Extender devices allow goform/formwlencryptvxd CSRF with resultant PSK key disclosure. | |||||
| CVE-2016-10862 | 1 Neetcables | 2 Airstream Nas, Airstream Nas Firmware | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Neet AirStream NAS1.1 devices have a password of ifconfig for the root account. This cannot be changed via the configuration page. | |||||
| CVE-2016-10861 | 1 Neetcables | 2 Airstream, Airstream Nas Firmware | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Neet AirStream NAS1.1 devices allow CSRF attacks that cause the settings binary to change the AP name and password. | |||||