Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (8679 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-46212 1 Wpvnteam 1 Wp Extra 2024-11-21 6.3 Medium
Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in TienCOP WP EXtra allows Accessing Functionality Not Properly Constrained by ACLs, Cross Site Request Forgery.This issue affects WP EXtra: from n/a through 6.2.
CVE-2023-46204 1 Mullerdigital 1 Duplicate Theme 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Muller Digital Inc. Duplicate Theme plugin <= 0.1.6 versions.
CVE-2023-46202 1 Auto Login New User After Registration Project 1 Auto Login New User After Registration 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk Auto Login New User After Registration plugin <= 1.9.6 versions.
CVE-2023-46201 1 Auto Login New User After Registration Project 1 Auto Login New User After Registration 2024-11-21 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk Auto Login New User After Registration allows Stored XSS.This issue affects Auto Login New User After Registration: from n/a through 1.9.6.
CVE-2023-46198 1 Apointzilla 1 Appointment Calendar 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Scientech It Solution Appointment Calendar plugin <= 2.9.6 versions.
CVE-2023-46193 1 Internetmarketingninjas 1 Internal Link Building 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Internet Marketing Ninjas Internal Link Building plugin <= 1.2.3 versions.
CVE-2023-46191 1 Underdock 1 Open Graph Metabox 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Niels van Renselaar Open Graph Metabox plugin <= 1.4.4 versions.
CVE-2023-46190 1 Novo-media 1 Novo-map\ 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Novo-media Novo-Map : your WP posts on custom google maps plugin <= 1.1.2 versions.
CVE-2023-46189 1 Xtendify 1 Simple Calendar 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Simple Calendar – Google Calendar Plugin <= 3.2.5 versions.
CVE-2023-46151 1 Awesometogi 1 Product Category Tree 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in AWESOME TOGI Product Category Tree plugin <= 2.5 versions.
CVE-2023-46150 1 Wpmilitary 1 Wp Radio 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WP Military WP Radio plugin <= 3.1.9 versions.
CVE-2023-46095 1 Chetangole 1 Smooth Scroll Links 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole Smooth Scroll Links [SSL] plugin <= 1.1.0 versions.
CVE-2023-46092 1 Lionscripts 1 Webmaster Tools 2024-11-21 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in LionScripts.Com Webmaster Tools allows Stored XSS.This issue affects Webmaster Tools: from n/a through 2.0.
CVE-2023-46089 1 Userback 1 Userback 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Lee Le @ Userback Userback plugin <= 1.0.13 versions.
CVE-2023-46087 1 Mahlamusa 1 Who Hit The Page Hit Counter 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Mahlamusa Who Hit The Page – Hit Counter plugin <= 1.4.14.3 versions.
CVE-2023-46085 1 Wpmet 1 Wp Ultimate Review 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Wpmet Wp Ultimate Review plugin <= 2.2.4 versions.
CVE-2023-46078 1 Pluginever 1 Wc Serial Numbers 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in PluginEver WC Serial Numbers plugin <= 1.6.3 versions.
CVE-2023-46067 1 Qwerty23 1 Rocket Font 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Qwerty23 Rocket Font plugin <= 1.2.3 versions.
CVE-2023-45992 1 Commscope 1 Ruckus Cloudpath Enrollment System 2024-11-21 9.6 Critical
A vulnerability in the web-based interface of the RUCKUS Cloudpath product on version 5.12 build 5538 or before to could allow a remote, unauthenticated attacker to execute persistent XSS and CSRF attacks against a user of the admin management interface. A successful attack, combined with a certain admin activity, could allow the attacker to gain full admin privileges on the exploited system.
CVE-2023-45884 1 Nasa 1 Openmct 2024-11-21 6.5 Medium
Cross Site Request Forgery (CSRF) vulnerability in NASA Open MCT (aka openmct) through 3.1.0 allows attackers to view sensitive information via the flexibleLayout plugin.