Total
7944 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-15832 | 1 Wp-buy | 1 Visitor Traffic Real Time Statistics | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The visitors-traffic-real-time-statistics plugin before 1.13 for WordPress has CSRF. | |||||
| CVE-2019-15831 | 1 Wp-buy | 1 Visitor Traffic Real Time Statistics | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The visitors-traffic-real-time-statistics plugin before 1.12 for WordPress has CSRF in the settings page. | |||||
| CVE-2019-15828 | 1 Tribulant | 1 One Click Ssl | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The one-click-ssl plugin before 1.4.7 for WordPress has CSRF. | |||||
| CVE-2019-15781 | 1 Weblizar | 1 Social Likebox \& Feed | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The facebook-by-weblizar plugin before 2.8.5 for WordPress has CSRF. | |||||
| CVE-2019-15779 | 1 Quadlayers | 1 Wp Social Feed Gallery | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The insta-gallery plugin before 2.4.8 for WordPress has no nonce validation for qligg_dismiss_notice or qligg_form_item_delete. | |||||
| CVE-2019-15770 | 1 Hallme | 1 Woocommerce Address Book | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The woo-address-book plugin before 1.6.0 for WordPress has save calls without nonce verification checks. | |||||
| CVE-2019-15769 | 1 Haktansuren | 1 Handl Utm Grabber | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The handl-utm-grabber plugin before 2.6.5 for WordPress has CSRF via add_option and update_option. | |||||
| CVE-2019-15660 | 1 Butlerblog | 1 Wp-members | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The wp-members plugin before 3.2.8 for WordPress has CSRF. | |||||
| CVE-2019-15648 | 1 Elearningfreak | 1 Insert Or Embed Articulate Content | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
| The insert-or-embed-articulate-content-into-wordpress plugin before 4.29991 for WordPress has insufficient restrictions on deleting or renaming by a Subscriber. | |||||
| CVE-2019-15645 | 1 Zoho | 1 Salesiq | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The zoho-salesiq plugin before 1.0.9 for WordPress has CSRF. | |||||
| CVE-2019-15515 | 1 Discourse | 1 Discourse | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Discourse 2.3.2 sends the CSRF token in the query string. | |||||
| CVE-2019-15496 | 1 Manageyourteam | 1 Myt Project Management | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| MyT Project Management 1.5.1 lacks CSRF protection and, for example, allows a user/create CSRF attack. This could lead to an attacker tricking the administrator into executing arbitrary code via a specially crafted HTML page. | |||||
| CVE-2019-15491 | 1 It-novum | 1 Openitcockpit | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| openITCOCKPIT before 3.7.1 has CSRF, aka RVID 2-445b21. | |||||
| CVE-2019-15329 | 1 Codection | 1 Import Users From Csv With Meta | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF. | |||||
| CVE-2019-15238 | 1 Cformsii Project | 1 Cformsii | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The cforms2 plugin before 15.0.2 for WordPress has CSRF related to the IP address field. | |||||
| CVE-2019-15229 | 1 Thedaylightstudio | 1 Fuel Cms | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| FUEL CMS 1.4.4 has CSRF in the blocks/create/ Create Blocks section of the Admin console. This could lead to an attacker tricking the administrator into executing arbitrary code via a specially crafted HTML page. | |||||
| CVE-2019-15150 | 1 Schine.games | 1 Mw-oauth2client | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| In the OAuth2 Client extension before 0.4 for MediaWiki, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function. | |||||
| CVE-2019-15128 | 1 If.svnadmin Project | 1 If.svnadmin | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| iF.SVNAdmin through 1.6.2 allows svnadmin/usercreate.php CSRF to create a user. | |||||
| CVE-2019-15115 | 1 Profilepress | 1 Loginwp | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The peters-login-redirect plugin before 2.9.2 for WordPress has CSRF. | |||||
| CVE-2019-15114 | 1 Ncrafts | 1 Formcraft | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The formcraft-form-builder plugin before 1.2.2 for WordPress has CSRF. | |||||