Security
Headlines
HeadlinesLatestCVEs

Tag

#csrf

CVE-2022-36345: WordPress Download Plugin <= 2.0.4 - Cross-Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Download Plugin <= 2.0.4 versions.

CVE
Open in Source
#csrf#vulnerability#wordpress#auth
CVE-2023-33316: WordPress WooCommerce Follow-Up Emails plugin <= 4.9.40 - Multiple Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Follow-Up Emails (AutomateWoo) plugin <= 4.9.40 versions.

CVE-2023-33313: WordPress WIP Custom Login plugin <= 1.2.9 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in ThemeinProgress WIP Custom Login plugin <= 1.2.9 versions.

CVE-2023-33931: WordPress YouTube Playlist Player plugin <= 4.6.4 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Popescu YouTube Playlist Player plugin <= 4.6.4 versions.

CVE-2023-33315: WordPress Smart App Banner plugin <= 1.1.2 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Stephen Darlington, Wandle Software Limited Smart App Banner plugin <= 1.1.2 versions.

CVE-2023-33212: WordPress JetFormBuilder plugin <= 3.0.6 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin <= 3.0.6 versions.

CVE-2023-2950: fix: bug fix (#6354) · openemr/openemr@abee8d2

Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1.

CVE-2023-2944: bug fix (#6267) · openemr/openemr@723ac5d

Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.