Total
6075 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-38130 | 1 Cubecart | 1 Cubecart | 2024-11-21 | N/A | 8.1 HIGH |
| Cross-site request forgery (CSRF) vulnerability in CubeCart prior to 6.5.3 allows a remote unauthenticated attacker to delete data in the system. | |||||
| CVE-2023-38001 | 1 Ibm | 1 Aspera Orchestrator | 2024-11-21 | N/A | 6.5 MEDIUM |
| IBM Aspera Orchestrator 4.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 260206. | |||||
| CVE-2023-37998 | 1 Saas | 1 Disabler | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Saas Disabler allows Cross Site Request Forgery.This issue affects Disabler: from n/a through 3.0.3. | |||||
| CVE-2023-37996 | 1 Gtmetrix | 1 Gtmetrix | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in GTmetrix GTmetrix for WordPress plugin <= 0.4.7 versions. | |||||
| CVE-2023-37995 | 1 Wp-copyprotect Project | 1 Wp-copyprotect | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog posts] plugin <= 3.1.0 versions. | |||||
| CVE-2023-37992 | 1 Presspage | 1 Smarty For Wordpress | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin <= 3.1.35 versions. | |||||
| CVE-2023-37991 | 1 Monchito | 1 Wp Emoji One | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Monchito.Net WP Emoji One plugin <= 0.6.0 versions. | |||||
| CVE-2023-37990 | 1 Perelink Pro Project | 1 Perelink Pro | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Mike Perelink Pro plugin <= 2.1.4 versions. | |||||
| CVE-2023-37985 | 1 Fivestarplugins | 1 Five Star Restaurant Menu | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in FiveStarPlugins Restaurant Menu and Food Ordering plugin <= 2.4.6 versions. | |||||
| CVE-2023-37974 | 1 Wp Social Autoconnect Project | 1 Wp Social Autoconnect | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Justin Klein WP Social AutoConnect plugin <= 4.6.1 versions. | |||||
| CVE-2023-37973 | 1 Replace Word Project | 1 Replace Word | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in David Pokorny Replace Word plugin <= 2.1 versions. | |||||
| CVE-2023-37968 | 1 Faboba | 1 Falang | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Faboba Falang multilanguage for WordPress plugin <= 1.3.39 versions. | |||||
| CVE-2023-37964 | 1 Jenkins | 1 Elasticbox Ci | 2024-11-21 | N/A | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins ElasticBox CI Plugin 5.0.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | |||||
| CVE-2023-37962 | 1 Jenkins | 1 Benchmark Evaluator | 2024-11-21 | N/A | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier allows attackers to connect to an attacker-specified URL and to check for the existence of directories, `.csv`, and `.ycsb` files on the Jenkins controller file system. | |||||
| CVE-2023-37961 | 1 Jenkins | 1 Assembla | 2024-11-21 | N/A | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Assembla Auth Plugin 1.14 and earlier allows attackers to trick users into logging in to the attacker's account. | |||||
| CVE-2023-37958 | 1 Jenkins | 1 Sumologic Publisher | 2024-11-21 | N/A | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Sumologic Publisher Plugin 2.2.1 and earlier allows attackers to connect to an attacker-specified URL. | |||||
| CVE-2023-37957 | 1 Jenkins | 1 Pipeline Restful Api | 2024-11-21 | N/A | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Pipeline restFul API Plugin 0.11 and earlier allows attackers to connect to an attacker-specified URL, capturing a newly generated JCLI token. | |||||
| CVE-2023-37955 | 1 Jenkins | 1 Test Results Aggregator | 2024-11-21 | N/A | 6.5 MEDIUM |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Test Results Aggregator Plugin 1.2.13 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials. | |||||
| CVE-2023-37954 | 1 Jenkins | 1 Rebuilder | 2024-11-21 | N/A | 4.3 MEDIUM |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Rebuilder Plugin 320.v5a_0933a_e7d61 and earlier allows attackers to rebuild a previous build. | |||||
| CVE-2023-37952 | 1 Jenkins | 1 Mabl | 2024-11-21 | N/A | 6.5 MEDIUM |
| A cross-site request forgery (CSRF) vulnerability in Jenkins mabl Plugin 0.0.46 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | |||||