CVEs and Security Vulnerabilities CVEs and Security Vulnerabilities

Filtered by CWE-352

Filtered by vendor Subscriptions

Total 8338 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-44471	1 Kau-boys	1 Backend Localization	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Bernhard Kau Backend Localization plugin <= 2.1.10 versions.
CVE-2023-44470	1 Kvvaradha	1 Kv Tinymce Editor Add Fonts	2024-11-21	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Kvvaradha Kv TinyMCE Editor Add Fonts plugin <= 1.1 versions.
CVE-2023-44385	1 Home-assistant	1 Home Assistant Companion	2024-11-21	8.6 High
The Home Assistant Companion for iOS and macOS app up to version 2023.4 are vulnerable to Client-Side Request Forgery. Attackers may send malicious links/QRs to victims that, when visited, will make the victim to call arbitrary services in their Home Assistant installation. Combined with this security advisory, may result in full compromise and remote code execution (RCE). Version 2023.7 addresses this issue and all users are advised to upgrade. There are no known workarounds for this vulnerability. This issue is also tracked as GitHub Security Lab (GHSL) Vulnerability Report: GHSL-2023-161.
CVE-2023-44261	1 Dineshkarki	1 Block Plugin Update	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Dinesh Karki Block Plugin Update plugin <= 3.3 versions.
CVE-2023-44260	1 Rebing	1 Woocommerce Esto	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Mikk Mihkel Nurges, Rebing OÜ Woocommerce ESTO plugin <= 2.23.1 versions.
CVE-2023-44259	1 Mediavine	1 Mediavine Control Panel	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Mediavine Mediavine Control Panel plugin <= 2.10.2 versions.
CVE-2023-44257	1 Mangboard	1 Mang Board	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Hometory Mang Board WP plugin <= 1.7.6 versions.
CVE-2023-44246	1 Matiass	1 Shockingly Simple Favicon	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Matias s Shockingly Simple Favicon plugin <= 1.8.2 versions.
CVE-2023-44243	1 Dylanblokhuis	1 Instant Css	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Dylan Blokhuis Instant CSS plugin <= 1.2.1 versions.
CVE-2023-44241	1 Keap	1 Keap Landing Pages	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Keap Keap Landing Pages plugin <= 1.4.2 versions.
CVE-2023-44240	1 Peterbutler	1 Timthumb Vulnerability Scanner	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Peter Butler Timthumb Vulnerability Scanner plugin <= 1.54 versions.
CVE-2023-44238	1 Joakimling	1 Remove Slug From Custom Post Type	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Joakim Ling Remove slug from custom post type plugin <= 1.0.3 versions.
CVE-2023-44237	1 Moriyan Jay	1 Wp Site Protector	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Moriyan Jay WP Site Protector plugin <= 2.0 versions.
CVE-2023-44236	1 Devnath Verma	1 Wp Captcha	2024-11-21	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Devnath verma WP Captcha plugin <= 2.0.0 versions.
CVE-2023-44232	1 Nxsn	1 Wp Hide Pages	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Huseyin Berberoglu WP Hide Pages plugin <= 1.0 versions.
CVE-2023-44231	1 Nickduncan	1 Contact Form	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in NickDuncan Contact Form plugin <= 2.0.10 versions.
CVE-2023-44161	3 Acronis, Linux, Microsoft	3 Cyber Protect, Linux Kernel, Windows	2024-11-21	6.5 Medium
Sensitive information manipulation due to cross-site request forgery. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
CVE-2023-44160	3 Acronis, Linux, Microsoft	3 Cyber Protect, Linux Kernel, Windows	2024-11-21	6.5 Medium
Sensitive information manipulation due to cross-site request forgery. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
CVE-2023-44146	1 Checkfront	1 Checkfront Online Booking System	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Checkfront Inc. Checkfront Online Booking System plugin <= 3.6 versions.
CVE-2023-43649	1 Basercms	1 Basercms	2024-11-21	4.7 Medium
baserCMS is a website development framework. Prior to version 4.8.0, there is a cross site request forgery vulnerability in the content preview feature of baserCMS. Version 4.8.0 contains a patch for this issue.

« first previous Page 275 of 417. next last »