ReportizFlow
Filtered by vendor
Subscriptions
Total
8337 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-23792 | 1 Hasthemes | 1 Swatchly | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Swatchly plugin <= 1.2.0 versions. | ||||
| CVE-2023-23791 | 1 Hasthemes | 1 Ht Menu | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Menu plugin <= 1.2.1 versions. | ||||
| CVE-2023-23787 | 1 Premmerce | 1 Redirect Manager | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Premmerce Premmerce Redirect Manager plugin <= 1.0.9 versions. | ||||
| CVE-2023-23731 | 1 Hasthemes | 1 Wishsuite | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in HasTheme WishSuite plugin <= 1.3.3 versions. | ||||
| CVE-2023-23719 | 1 Premmerce | 1 Premmerce | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Premmerce plugin <= 1.3.17 versions. | ||||
| CVE-2023-23704 | 1 Pixelgrade | 1 Comments Rating | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade Comments Ratings plugin <= 1.1.6 versions. | ||||
| CVE-2023-23671 | 1 Web-settler | 1 Layer Slider | 2024-11-21 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Muneeb Layer Slider plugin <= 1.1.9.7 versions. | ||||
| CVE-2023-23646 | 1 Awplife | 1 Album Gallery | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Album Gallery – WordPress Gallery plugin <= 1.4.9 versions. | ||||
| CVE-2023-23473 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 5.3 Medium |
| IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 245400. | ||||
| CVE-2023-22709 | 1 Srs Simple Hits Counter Project | 1 Srs Simple Hits Counter | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Atif N SRS Simple Hits Counter plugin <= 1.1.0 versions. | ||||
| CVE-2023-22695 | 1 Wpgogo | 1 Custom Field Template | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Hiroaki Miyashita Custom Field Template plugin <= 2.5.8 versions. | ||||
| CVE-2023-22694 | 1 Bigcontact Contact Page Project | 1 Bigcontact Contact Page | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Arian Khosravi, Norik Davtian BigContact Contact Page plugin <= 1.5.8 versions. | ||||
| CVE-2023-22693 | 1 Conlabz | 1 Wp Google Tag Manager | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in conlabzgmbh WP Google Tag Manager plugin <= 1.1 versions. | ||||
| CVE-2023-22674 | 1 Halgatewood | 1 Dashicons \+ Custom Post Types | 2024-11-21 | 5.4 Medium |
| Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in Hal Gatewood Dashicons + Custom Post Types.This issue affects Dashicons + Custom Post Types: from n/a through 1.0.2. | ||||
| CVE-2023-22673 | 1 Magenet | 1 Website Monetization | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in MageNet Website Monetization by MageNet plugin <= 1.0.29.1 versions. | ||||
| CVE-2023-22672 | 1 Vibethemes | 1 Vslider | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Mr.Vibe vSlider Multi Image Slider for WordPress plugin <= 4.1.2 versions. | ||||
| CVE-2023-20221 | 1 Cisco | 46 Ip Conference Phone 7832, Ip Conference Phone 7832 With Multiplatform Firmware, Ip Conference Phone 8831 and 43 more | 2024-11-21 | 6.5 Medium |
| A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based management interface of an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform a factory reset of the affected device, resulting in a Denial of Service (DoS) condition. | ||||
| CVE-2023-20180 | 1 Cisco | 1 Webex Meetings | 2024-11-21 | 4.3 Medium |
| A vulnerability in the web interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web interface on an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions. These actions could include joining meetings and scheduling training sessions. | ||||
| CVE-2023-20130 | 1 Cisco | 2 Evolved Programmable Network Manager, Prime Infrastructure | 2024-11-21 | 6.5 Medium |
| Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. For more information about these vulnerabilities, see the Details section of this advisory. | ||||
| CVE-2023-20113 | 1 Cisco | 1 Sd-wan | 2024-11-21 | 6.5 Medium |
| A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. These actions could include modifying the system configuration and deleting accounts. | ||||