Total
7935 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10944 | 1 Wpmaz | 1 Multisite Post Duplicator | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The multisite-post-duplicator plugin before 1.1.3 for WordPress has wp-admin/tools.php?page=mpd CSRF. | |||||
| CVE-2016-10938 | 1 Copy-me Project | 1 Copy-me | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| The copy-me plugin 1.0.0 for WordPress has CSRF for copying non-public posts to a public location. | |||||
| CVE-2016-10918 | 1 Supsystic | 1 Photo Gallery | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The gallery-by-supsystic plugin before 1.8.6 for WordPress has CSRF. | |||||
| CVE-2016-10915 | 1 Supsystic | 1 Popup | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The popup-by-supsystic plugin before 1.7.9 for WordPress has CSRF. | |||||
| CVE-2016-10914 | 1 Add From Server Project | 1 Add From Server | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The add-from-server plugin before 3.3.2 for WordPress has CSRF for importing a large file. | |||||
| CVE-2016-10903 | 1 Godaddy | 1 Godaddy Email Marketing | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The GoDaddy godaddy-email-marketing-sign-up-forms plugin before 1.1.3 for WordPress has CSRF. | |||||
| CVE-2016-10902 | 1 Gowebsolutions | 1 Wp Customer Reviews | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The wp-customer-reviews plugin before 3.0.9 for WordPress has CSRF in the admin tools. | |||||
| CVE-2016-10885 | 1 Benjaminrojas | 1 Wp Editor | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The wp-editor plugin before 1.2.6 for WordPress has CSRF. | |||||
| CVE-2016-10884 | 1 Simple-membership-plugin | 1 Simple Membership | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The simple-membership plugin before 3.3.3 for WordPress has multiple CSRF issues. | |||||
| CVE-2016-10883 | 1 Mijnpress | 1 Simple Add Pages Or Posts | 2024-11-21 | 5.8 MEDIUM | 6.5 MEDIUM |
| The simple-add-pages-or-posts plugin before 1.7 for WordPress has CSRF for deleting users. | |||||
| CVE-2016-10882 | 1 Google Doc Embedder Project | 1 Google Doc Embedder | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The google-document-embedder plugin before 2.6.2 for WordPress has CSRF. | |||||
| CVE-2016-10876 | 1 Wpseeds | 1 Wp Database Backup | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The wp-database-backup plugin before 4.3.1 for WordPress has CSRF. | |||||
| CVE-2016-10874 | 1 Wpseeds | 1 Wp Database Backup | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The wp-database-backup plugin before 4.3.3 for WordPress has CSRF. | |||||
| CVE-2016-10865 | 1 23systems | 1 Lightbox Plus Colorbox | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Lightbox Plus Colorbox plugin through 2.7.2 for WordPress has cross-site request forgery (CSRF) via wp-admin/admin.php?page=lightboxplus, as demonstrated by resultant width XSS. | |||||
| CVE-2016-10863 | 1 Edimax | 4 7237rpd, 7237rpd Firmware, Ew-7438rpn Mini and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Edimax Wi-Fi Extender devices allow goform/formwlencryptvxd CSRF with resultant PSK key disclosure. | |||||
| CVE-2016-10862 | 1 Neetcables | 2 Airstream Nas, Airstream Nas Firmware | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Neet AirStream NAS1.1 devices have a password of ifconfig for the root account. This cannot be changed via the configuration page. | |||||
| CVE-2016-10861 | 1 Neetcables | 2 Airstream, Airstream Nas Firmware | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Neet AirStream NAS1.1 devices allow CSRF attacks that cause the settings binary to change the AP name and password. | |||||
| CVE-2016-10766 | 1 Edx | 1 Edx-platform | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| edx-platform before 2016-06-06 allows CSRF. | |||||
| CVE-2016-10757 | 1 Readaxo | 1 Readaxo | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| In Redaxo 5.2.0, the cron management of the admin panel suffers from CSRF that leads to arbitrary Remote Code Execution via addons/cronjob/lib/types/phpcode.php. | |||||
| CVE-2016-10756 | 1 Kliqqi | 1 Kliqqi Cms | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Kliqqi 3.0.0.5 allows CSRF with resultant Arbitrary File Upload because module.php?module=upload can be used to configure the uploading of .php files, and then modules/upload/upload_main.php can be used for the upload itself. | |||||