Total
6075 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-33931 | 1 Getbutterfly | 1 Youtube Playlist Player | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Popescu YouTube Playlist Player plugin <= 4.6.4 versions. | |||||
| CVE-2023-33926 | 1 Supsystic | 1 Easy Google Maps | 2024-11-21 | N/A | 7.1 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Google Maps plugin <= 1.11.7 versions. | |||||
| CVE-2023-33534 | 1 Sztozed | 2 Zlt S10g, Zlt S10g Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| A Cross-Site Request Forgery (CSRF) in Guanzhou Tozed Kangwei Intelligent Technology ZLTS10G software version S10G_3.11.6 allows attackers to takeover user accounts via sending a crafted POST request to /goform/goform_set_cmd_process. | |||||
| CVE-2023-33409 | 1 Minical | 1 Minical | 2024-11-21 | N/A | 6.5 MEDIUM |
| Minical 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF) via minical/public/application/controllers/settings/company.php. | |||||
| CVE-2023-33359 | 1 Piwigo | 1 Piwigo | 2024-11-21 | N/A | 4.3 MEDIUM |
| Piwigo 13.6.0 is vulnerable to Cross Site Request Forgery (CSRF) in the "add tags" function. | |||||
| CVE-2023-33333 | 1 Really-simple-plugins | 1 Complianz | 2024-11-21 | N/A | 7.1 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Complianz, Really Simple Plugins Complianz Premium allows Cross-Site Scripting (XSS).This issue affects Complianz: from n/a through 6.4.4; Complianz Premium: from n/a through 6.4.6.1. | |||||
| CVE-2023-33316 | 1 Woocommerce | 1 Automatewoo | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Follow-Up Emails (AutomateWoo) plugin <= 4.9.40 versions. | |||||
| CVE-2023-33315 | 1 Wandlesoftware | 1 Smart App Banner | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Stephen Darlington, Wandle Software Limited Smart App Banner plugin <= 1.1.2 versions. | |||||
| CVE-2023-33314 | 1 Pluginus | 1 Bear - Woocommerce Bulk Editor And Products Manager Professional | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in realmag777 BEAR plugin <= 1.1.3.1 versions. | |||||
| CVE-2023-33313 | 1 Themeinprogress | 1 Wip Custom Login | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeinProgress WIP Custom Login plugin <= 1.2.9 versions. | |||||
| CVE-2023-33214 | 1 Taggbox | 1 Taggbox | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1. | |||||
| CVE-2023-33212 | 1 Crocoblock | 1 Jetformbuilder | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin <= 3.0.6 versions. | |||||
| CVE-2023-33006 | 1 Jenkins | 1 Wso2 Oauth | 2024-11-21 | N/A | 5.4 MEDIUM |
| A cross-site request forgery (CSRF) vulnerability in Jenkins WSO2 Oauth Plugin 1.0 and earlier allows attackers to trick users into logging in to the attacker's account. | |||||
| CVE-2023-33003 | 1 Jenkins | 1 Tag Profiler | 2024-11-21 | N/A | 4.3 MEDIUM |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers to reset profiler statistics. | |||||
| CVE-2023-32998 | 1 Jenkins | 1 Appspider | 2024-11-21 | N/A | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials. | |||||
| CVE-2023-32995 | 1 Jenkins | 1 Saml Single Sign On | 2024-11-21 | N/A | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails. | |||||
| CVE-2023-32991 | 1 Jenkins | 1 Saml Single Sign On | 2024-11-21 | N/A | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML. | |||||
| CVE-2023-32989 | 1 Jenkins | 1 Azure Vm Agents | 2024-11-21 | N/A | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method. | |||||
| CVE-2023-32987 | 1 Jenkins | 1 Reverse Proxy Auth | 2024-11-21 | N/A | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Reverse Proxy Auth Plugin 1.7.4 and earlier allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials. | |||||
| CVE-2023-32980 | 1 Jenkins | 1 Email Extension | 2024-11-21 | N/A | 4.3 MEDIUM |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Email Extension Plugin allows attackers to make another user stop watching an attacker-specified job. | |||||