Cross-Site Request Forgery (CSRF) vulnerability in Uzair Easyfonts allows Cross Site Request Forgery. This issue affects Easyfonts: from n/a through 1.1.2.
Cross-Site Request Forgery (CSRF) vulnerability in Saeed Sattar Beglou Hesabfa Accounting allows Cross Site Request Forgery. This issue affects Hesabfa Accounting: from n/a through 2.1.8.
Cross-Site Request Forgery (CSRF) vulnerability in 大侠wp DX-auto-save-images plugin <= 1.4.0 versions.
Cross-Site Request Forgery (CSRF) vulnerability in hitoy Super Static Cache allows Cross Site Request Forgery. This issue affects Super Static Cache: from n/a through 3.3.5.
Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Info Boxes Shortcode and Widget allows Cross Site Request Forgery. This issue affects Info Boxes Shortcode and Widget: from n/a through 1.15.
The WP Affiliate Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.3.9. This is due to missing or incorrect nonce validation on various functions including the affiliates_menu method. This makes it possible for unauthenticated attackers to delete affiliate records, via forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Cross-Site Request Forgery (CSRF) vulnerability in usermaven Usermaven allows Cross Site Request Forgery. This issue affects Usermaven: from n/a through 1.2.1.
Cross-Site Request Forgery (CSRF) vulnerability in Ulf Benjaminsson WP-dTree plugin <= 4.4.5 versions.
Cross-Site Request Forgery (CSRF) vulnerability in AntoineH Football Pool allows Cross Site Request Forgery. This issue affects Football Pool: from n/a through 2.12.2.
Cross-Site Request Forgery (CSRF) vulnerability in wpsolutions SoundCloud Ultimate allows Cross Site Request Forgery. This issue affects SoundCloud Ultimate: from n/a through 1.5.
Cross-Site Request Forgery (CSRF) vulnerability in Social Login WP plugin <= 5.0.0.0 versions.
Cross-Site Request Forgery (CSRF) vulnerability in takien Rewrite allows Cross Site Request Forgery. This issue affects Rewrite: from n/a through 0.2.1.
Cross-Site Request Forgery (CSRF) vulnerability in Nitin Prakash Product Author for WooCommerce allows Cross Site Request Forgery. This issue affects Product Author for WooCommerce: from n/a through 1.0.7.
Cross-Site Request Forgery (CSRF) vulnerability in Sébastien Dumont Auto Load Next Post allows Cross Site Request Forgery. This issue affects Auto Load Next Post: from n/a through 1.5.14.
Cross-Site Request Forgery (CSRF) vulnerability in Essential Marketer Essential Breadcrumbs allows Privilege Escalation. This issue affects Essential Breadcrumbs: from n/a through 1.1.1.
Cross-Site Request Forgery (CSRF) vulnerability in wpdesk Flexible Cookies allows Cross Site Request Forgery. This issue affects Flexible Cookies: from n/a through 1.1.8.
Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi Simple Keyword to Link allows Cross Site Request Forgery. This issue affects Simple Keyword to Link: from n/a through 1.5.
Cross-Site Request Forgery (CSRF) vulnerability in Link OSS Upload allows Cross Site Request Forgery. This issue affects OSS Upload: from n/a through 4.8.9.
Cross-Site Request Forgery (CSRF) vulnerability in themeton Seven Stars allows Cross Site Request Forgery. This issue affects Seven Stars: from n/a through 1.4.4.
Cross-Site Request Forgery (CSRF) vulnerability in muro External image replace allows Cross Site Request Forgery. This issue affects External image replace: from n/a through 1.0.8.
Cross-Site Request Forgery (CSRF) vulnerability in HuangYe WuDeng Hacklog Remote Image Autosave allows Cross Site Request Forgery. This issue affects Hacklog Remote Image Autosave: from n/a through 2.1.0.
Cross-Site Request Forgery (CSRF) vulnerability in Purab Seo Meta Tags allows Cross Site Request Forgery. This issue affects Seo Meta Tags: from n/a through 1.4.
Cross-Site Request Forgery (CSRF) vulnerability in Michael Cannon Custom Bulk/Quick Edit allows Cross Site Request Forgery. This issue affects Custom Bulk/Quick Edit: from n/a through 1.6.10.
Cross-Site Request Forgery (CSRF) vulnerability in flipdish Flipdish Ordering System allows Cross Site Request Forgery. This issue affects Flipdish Ordering System: from n/a through 1.4.16.
Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi reCAPTCHA for all allows Cross Site Request Forgery. This issue affects reCAPTCHA for all: from n/a through 2.22.
Cross-Site Request Forgery (CSRF) vulnerability in dangrossman W3Counter Free Real-Time Web Stats allows Cross Site Request Forgery. This issue affects W3Counter Free Real-Time Web Stats: from n/a through 4.1.
Cross-Site Request Forgery (CSRF) vulnerability in Andreas Heigl authLdap plugin <= 2.5.8 versions.
Cross-Site Request Forgery (CSRF) vulnerability in Analytify plugin <= 4.2.2 on WordPress.
Cross-Site Request Forgery (CSRF) vulnerability in eMarket Design YouTube Video Gallery by YouTube Showcase plugin <= 3.3.5 versions.
Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS) discovered in tarteaucitron.js – Cookies legislation & GDPR WordPress plugin (versions <= 1.5.4), vulnerable parameters "tarteaucitronEmail" and "tarteaucitronPass".
Cross-Site Request Forgery (CSRF) vulnerability in arkapravamajumder Back To Top allows Cross Site Request Forgery. This issue affects Back To Top: from n/a through 2.0.
Cross-Site Request Forgery (CSRF) vulnerability in WP OnlineSupport, Essential Plugin Popup Anything – A Marketing Popup and Lead Generation Conversions plugin <= 2.2.1 versions.
Cross-Site Request Forgery (CSRF) vulnerability in storepro Subscription Renewal Reminders for WooCommerce allows Cross Site Request Forgery. This issue affects Subscription Renewal Reminders for WooCommerce: from n/a through 1.3.7.
Cross-Site Request Forgery (CSRF) vulnerability in stesvis Frontpage category filter allows Cross Site Request Forgery. This issue affects Frontpage category filter: from n/a through 1.0.2.
Cross-Site Request Forgery (CSRF) vulnerability in Muntasir Rahman Custom Dashboard Page allows Cross Site Request Forgery. This issue affects Custom Dashboard Page: from n/a through 1.0.
Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through 7.11.10.
Cross-Site Request Forgery (CSRF) vulnerability in Benjamin Pick Contact Form 7 Select Box Editor Button allows Cross Site Request Forgery. This issue affects Contact Form 7 Select Box Editor Button: from n/a through 0.6.
Cross-Site Request Forgery (CSRF) vulnerability in edwardw WP No-Bot Question allows Cross Site Request Forgery. This issue affects WP No-Bot Question: from n/a through 0.1.7.
Cross-Site Request Forgery (CSRF) vulnerability in xjb REST API TO MiniProgram allows Cross Site Request Forgery. This issue affects REST API TO MiniProgram: from n/a through 4.7.1.
Cross-Site Request Forgery (CSRF) vulnerability in Ravinder Khurana WP Hide Admin Bar allows Cross Site Request Forgery. This issue affects WP Hide Admin Bar: from n/a through 2.0.
Cross-Site Request Forgery (CSRF) vulnerability in mg12 Mobile Themes allows Cross Site Request Forgery. This issue affects Mobile Themes: from n/a through 1.1.1.
Cross-Site Request Forgery (CSRF) vulnerability in A. Chappard Display Template Name allows Cross Site Request Forgery. This issue affects Display Template Name: from n/a through 1.7.1.
Cross-Site Request Forgery (CSRF) vulnerability in weblizar HR Management Lite allows Cross Site Request Forgery. This issue affects HR Management Lite: from n/a through 3.3.
Cross-Site Request Forgery (CSRF) vulnerability in edward_plainview MyCryptoCheckout plugin <= 2.125 versions.
Cross-Site Request Forgery (CSRF) vulnerability in Planet Studio Builder for Contact Form 7 by Webconstruct allows Cross Site Request Forgery. This issue affects Builder for Contact Form 7 by Webconstruct: from n/a through 1.2.2.
Cross-Site Request Forgery (CSRF) vulnerability in Aftab Ali Muni WP Add Active Class To Menu Item allows Cross Site Request Forgery. This issue affects WP Add Active Class To Menu Item: from n/a through 1.0.
The WP OAuth Server (OAuth Authentication) WordPress plugin before 4.2.5 does not have CSRF check when deleting a client, and does not ensure that the object to be deleted is actually a client, which could allow attackers to make a logged in admin delete arbitrary client and post via a CSRF attack.
Cross-Site Request Forgery (CSRF) vulnerability in hosting.io JPG, PNG Compression and Optimization allows Cross Site Request Forgery. This issue affects JPG, PNG Compression and Optimization: from n/a through 1.7.35.
Cross-Site Request Forgery (CSRF) vulnerability in Alex Prokopenko / JustCoded Just Variables allows Cross Site Request Forgery. This issue affects Just Variables: from n/a through 1.2.3.
Cross-Site Request Forgery (CSRF) vulnerability in Greg Ross Schedule Posts Calendar plugin <= 5.2 versions.