| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Cross-Site Request Forgery (CSRF) vulnerability in Infoway LLC Ebook Downloader allows Cross Site Request Forgery. This issue affects Ebook Downloader: from n/a through 1.0. |
| Cross-Site Request Forgery (CSRF) vulnerability in digireturn DN Footer Contacts allows Cross Site Request Forgery. This issue affects DN Footer Contacts: from n/a through 1.8. |
| Cross-Site Request Forgery (CSRF) vulnerability in digireturn Simple Fixed Notice allows Cross Site Request Forgery. This issue affects Simple Fixed Notice: from n/a through 1.6. |
| Cross-Site Request Forgery (CSRF) vulnerability in Sami Ahmed Siddiqui JSON Structuring Markup allows Stored XSS. This issue affects JSON Structuring Markup: from n/a through 0.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in CloudRedux Product Notices for WooCommerce allows Cross Site Request Forgery. This issue affects Product Notices for WooCommerce: from n/a through 1.3.3. |
| Cross-Site Request Forgery (CSRF) vulnerability in Labinator Labinator Content Types Duplicator allows Cross Site Request Forgery. This issue affects Labinator Content Types Duplicator: from n/a through 1.1.3. |
| Cross-Site Request Forgery (CSRF) vulnerability in IT Path Solutions SCSS WP Editor allows Cross Site Request Forgery. This issue affects SCSS WP Editor: from n/a through 1.1.8. |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/co_do.php. |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/member_scores.php. |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /src/dede/makehtml_homepage.php allowing a remote attacker to execute arbitrary code. |
| If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. |
| When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. |
| The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins unpublish downloads via a CSRF attack |
| The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete downloads via a CSRF attack |
| The CM Download Manager WordPress plugin before 2.9.1 does not have CSRF checks in some places, which could allow attackers to make logged in admins edit downloads via a CSRF attack |
| Cross-Site Request Forgery (CSRF) vulnerability in karrikas banner-manager allows Stored XSS. This issue affects banner-manager: from n/a through 16.04.19. |
| Cross-Site Request Forgery (CSRF) vulnerability in Matt Martz & Andy Stratton Page Restrict.This issue affects Page Restrict: from n/a through 2.5.5.
|
| Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Easy PayPal & Stripe Buy Now Button.This issue affects Easy PayPal & Stripe Buy Now Button: from n/a through 1.8.1.
|
| Cross-Site Request Forgery (CSRF) vulnerability in MailerLite MailerLite – WooCommerce integration.This issue affects MailerLite – WooCommerce integration: from n/a through 2.0.8.
|
| Cross-Site Request Forgery (CSRF) vulnerability in Heureka Group Heureka.This issue affects Heureka: from n/a through 1.0.8.
|
