Total
8298 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-45127 | 1 Sewio | 1 Real-time Location System Studio | 2024-11-21 | N/A | 8.1 HIGH |
| Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary backup operations and cause a denial-of-service condition. | |||||
| CVE-2022-45080 | 1 Krishaweb | 1 Add Multiple Marker | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in KrishaWeb Add Multiple Marker plugin <= 1.2 versions. | |||||
| CVE-2022-45079 | 1 Loginizer | 1 Loginizer | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions. | |||||
| CVE-2022-45076 | 1 Webmat | 1 Flexible Elementor Panel | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in WebMat Flexible Elementor Panel plugin <= 2.3.8 versions. | |||||
| CVE-2022-45074 | 1 Areteit | 1 Activity Reactions For Buddypress | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Paramveer Singh for Arete IT Private Limited Activity Reactions For Buddypress plugin <= 1.0.22 versions. | |||||
| CVE-2022-45073 | 1 Miniorange | 1 Wordpress Rest Api Authentication | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in REST API Authentication plugin <= 2.4.0 on WordPress. | |||||
| CVE-2022-45072 | 1 Wpml | 1 Wpml | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in WPML Multilingual CMS premium plugin <= 4.5.13 on WordPress. | |||||
| CVE-2022-45071 | 1 Wpml | 1 Wpml | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in WPML Multilingual CMS premium plugin <= 4.5.13 on WordPress. | |||||
| CVE-2022-45068 | 1 Mercadopago | 1 Mercado Pago Payments For Woocommerce | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Mercado Pago Mercado Pago payments for WooCommerce plugin <= 6.3.1. | |||||
| CVE-2022-45067 | 1 Devscred | 1 Exclusive Addons For Elementor | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in DevsCred Exclusive Addons Elementor plugin <= 2.6.1 versions. | |||||
| CVE-2022-44741 | 1 Slidervilla | 1 Testimonial Slider | 2024-11-21 | N/A | 6.1 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS) in David Anderson Testimonial Slider plugin <= 1.3.1 on WordPress. | |||||
| CVE-2022-44740 | 1 Constantcontact | 1 Creative Mail | 2024-11-21 | N/A | 5.4 MEDIUM |
| Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Creative Mail plugin <= 1.5.4 on WordPress. | |||||
| CVE-2022-44739 | 1 Thingsforrestaurants | 1 Quick Restaurant Reservations | 2024-11-21 | N/A | 5.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in ThingsForRestaurants Quick Restaurant Reservations plugin <= 1.5.4 versions. | |||||
| CVE-2022-44737 | 1 Tipsandtricks-hq | 1 All In One Wp Security \& Firewall | 2024-11-21 | N/A | 5.4 MEDIUM |
| Multiple Cross-Site Request Forgery vulnerabilities in All-In-One Security (AIOS) – Security and Firewall (WordPress plugin) <= 5.1.0 on WordPress. | |||||
| CVE-2022-44627 | 1 Coleds | 1 Simple Seo | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in David Cole Simple SEO plugin <= 1.8.12 on WordPress allows attackers to create or delete sitemaps. | |||||
| CVE-2022-44585 | 1 Magneticlab | 1 Homepage Pop-up | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Magneticlab Sàrl Homepage Pop-up plugin <= 1.2.5 versions. | |||||
| CVE-2022-43980 | 1 Pandorafms | 1 Pandora Fms | 2024-11-21 | N/A | 5.2 MEDIUM |
| There is a stored cross-site scripting vulnerability in Pandora FMS v765 in the network maps editing functionality. An attacker could modify a network map, including on purpose the name of an XSS payload. Once created, if a user with admin privileges clicks on the edited network maps, the XSS payload will be executed. The exploitation of this vulnerability could allow an atacker to steal the value of the admin user´s cookie. | |||||
| CVE-2022-43710 | 1 Gxsoftware | 1 Xperiencentral | 2024-11-21 | N/A | 8.8 HIGH |
| Interactive Forms (IAF) in GX Software XperienCentral versions 10.31.0 until 10.33.0 was vulnerable to cross site request forgery (CSRF) because the unique token could be deduced using the names of all input fields. | |||||
| CVE-2022-43491 | 1 Algolplus | 1 Advanced Dynamic Pricing For Woocommerce | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 on WordPress leading to plugin settings import. | |||||
| CVE-2022-43490 | 1 Xwp | 1 Stream | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in XWP Stream plugin <= 3.9.2 versions. | |||||