Total
6078 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-46815 | 1 Wptrio | 1 Conditional Shipping For Woocommerce | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Lauri Karisola / WP Trio Conditional Shipping for WooCommerce plugin <= 2.3.1 versions. | |||||
| CVE-2022-46814 | 1 Pierros | 1 Kodex Posts Likes | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Pierre Lebedel Kodex Posts likes plugin <= 2.4.3 versions. | |||||
| CVE-2022-46813 | 1 Sigmaplugin | 1 Advanced Database Cleaner | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Younes JFR. Advanced Database Cleaner plugin <= 3.1.1 versions. | |||||
| CVE-2022-46812 | 1 Villatheme | 1 Thank You Page Customizer For Woocommerce | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank You Page Customizer for WooCommerce – Increase Your Sales plugin <= 1.0.13 versions. | |||||
| CVE-2022-46810 | 1 Villatheme | 1 Thank You Page Customizer For Woocommerce | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank You Page Customizer for WooCommerce – Increase Your Sales plugin <= 1.0.13 versions. | |||||
| CVE-2022-46806 | 1 Villatheme | 1 Cart All In One For Woocommerce | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Cart All In One For WooCommerce plugin <= 1.1.10 leading to cart modification. | |||||
| CVE-2022-46805 | 1 Wptrio | 1 Conditional Shipping For Woocommerce | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Lauri Karisola / WP Trio Conditional Shipping for WooCommerce plugin <= 2.3.1 leading to activation/deactivation of plugin rulesets. | |||||
| CVE-2022-46800 | 1 Litespeedtech | 1 Litespeed Cache | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in LiteSpeed Technologies LiteSpeed Cache plugin <= 5.3 versions. | |||||
| CVE-2022-46798 | 1 Hasthemes | 1 Woolentor - Woocommerce Elementor Addons \+ Builder | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in HasThemes ShopLentor plugin <= 2.5.1 leading to plugin settings change. | |||||
| CVE-2022-46797 | 1 Tatvic | 1 Conversios.io | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Conversios All-in-one Google Analytics, Pixels and Product Feed Manager for WooCommerce plugin <= 5.2.3 leads to plugin settings change. | |||||
| CVE-2022-46794 | 1 Weightbasedshipping | 1 Woocommerce Weight Based Shipping | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in weightbasedshipping.Com WooCommerce Weight Based Shipping plugin <= 5.4.1 versions. | |||||
| CVE-2022-46793 | 1 Adtribes | 1 Product Feed Pro For Woocommerce | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in AdTribes.Io Product Feed PRO for WooCommerce plugin <= 12.4.4 versions. | |||||
| CVE-2022-46688 | 1 Jenkins | 1 Sonar Gerrit | 2024-11-21 | N/A | 6.5 MEDIUM |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers (previously configured by Jenkins administrators) using attacker-specified credentials IDs obtained through another method, potentially capturing credentials stored in Jenkins. | |||||
| CVE-2022-46491 | 1 Nbnbk Project | 1 Nbnbk | 2024-11-21 | N/A | 6.5 MEDIUM |
| A Cross-Site Request Forgery (CSRF) vulnerability in the Add Administrator function of the default version of nbnbk allows attackers to arbitrarily add Administrator accounts. | |||||
| CVE-2022-46368 | 1 Maxum | 1 Rumpus | 2024-11-21 | N/A | 6.8 MEDIUM |
| Rumpus - FTP server version 9.0.7.1 Cross-site request forgery (CSRF) – vulnerability may allow unauthorized action on behalf of authenticated users. | |||||
| CVE-2022-46367 | 1 Maxum | 1 Rumpus | 2024-11-21 | N/A | 6.8 MEDIUM |
| Rumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalation vulnerability that may allow privilege escalation. | |||||
| CVE-2022-46074 | 1 Helmet Store Showroom Project | 1 Helmet Store Showroom | 2024-11-21 | N/A | 8.8 HIGH |
| Helmet Store Showroom 1.0 is vulnerable to Cross Site Request Forgery (CSRF). An unauthenticated user can add an admin account due to missing CSRF protection. | |||||
| CVE-2022-46062 | 1 Gym Management System Project | 1 Gym Management System | 2024-11-21 | N/A | 4.5 MEDIUM |
| Gym Management System v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF). | |||||
| CVE-2022-46059 | 1 Aerocms Project | 1 Aerocms | 2024-11-21 | N/A | 6.5 MEDIUM |
| AeroCMS v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF). | |||||
| CVE-2022-45980 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via /goform/SysToolRestoreSet . | |||||