Security
Headlines
HeadlinesLatestCVEs

Tag

#wordpress

CVE-2023-5823: WordPress TK Google Fonts GDPR Compliant plugin <= 2.2.11 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in ThemeKraft TK Google Fonts GDPR Compliant plugin <= 2.2.11 versions.

CVE
Open in Source
#csrf#vulnerability#google#wordpress#auth
CVE-2023-46778: WordPress Auto Limit Posts Reloaded plugin <= 2.5 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in TheFreeWindows Auto Limit Posts Reloaded plugin <= 2.5 versions.

CVE-2023-46781: WordPress Current Menu Item for Custom Post Types plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Roland Murg Current Menu Item for Custom Post Types plugin <= 1.5 versions.

CVE-2023-47186: WordPress Kadence WooCommerce Email Designer plugin <= 1.5.11 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Kadence WP Kadence WooCommerce Email Designer plugin <= 1.5.11 versions.

CVE-2023-47185: WordPress wpDiscuz plugin <= 7.6.11 - Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in gVectors Team Comments — wpDiscuz plugin <= 7.6.11 versions.

CVE-2023-47184: WordPress Admin Bar & Dashboard Access Control plugin <= 1.2.8 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Proper Fraction LLC. Admin Bar & Dashboard Access Control plugin <= 1.2.8 versions.

CVE-2023-47182: WordPress Login Screen Manager plugin <= 3.5.2 - Unauth Stored Cross Site Scripting (XSS) via CSRF vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) leading to a Stored Cross-Site Scripting (XSS) vulnerability in Nazmul Hossain Nihal Login Screen Manager plugin <= 3.5.2 versions.