Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Floating Button.This issue affects Floating Button: from n/a through 6.0.
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Bubble Menu – circle floating menu plugin <= 3.0.1 leading to form deletion.
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Float menu allows Cross Site Request Forgery. This issue affects Float menu: from n/a through 6.1.2.
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button Generator – easily Button Builder allows Cross Site Request Forgery. This issue affects Button Generator – easily Button Builder: from n/a through 3.1.1.
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Popup Box allows Cross Site Request Forgery. This issue affects Popup Box: from n/a through 3.2.4.
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Modal Window allows Cross Site Request Forgery. This issue affects Modal Window: from n/a through 6.1.4.
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Herd Effects allows Cross Site Request Forgery. This issue affects Herd Effects: from n/a through 6.2.1.
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Side Menu Lite allows Cross Site Request Forgery. This issue affects Side Menu Lite: from n/a through 5.3.1.
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Counter Box allows Cross Site Request Forgery. This issue affects Counter Box: from n/a through 2.0.5.
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Bubble Menu – circle floating menu allows Cross Site Request Forgery. This issue affects Bubble Menu – circle floating menu: from n/a through 4.0.2.
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button Generator – easily Button Builder.This issue affects Button Generator – easily Button Builder: from n/a through 2.3.8.
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button Generator – easily Button Builder plugin <= 2.3.5 versions.
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Side Menu Lite – add sticky fixed buttons plugin <= 4.0 versions.
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company WP Coder allows Cross-Site Scripting (XSS). This issue affects WP Coder: from n/a through 3.6.
Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing does not adequately validate CSRF tokens when users delete messages. This vulnerability could be exploited to forge CSRF attacks, allowing an attacker to delete messages to any user, including administrators, if they interact with a malicious request. This issue has been addressed in version 7.0.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
Cross-Site Request Forgery (CSRF) vulnerability in SedLex FavIcon Switcher plugin <= 1.2.11 at WordPress allows plugin settings change.
Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Custom Twitter Feeds (Tweets Widget) allows Cross Site Request Forgery.This issue affects Custom Twitter Feeds (Tweets Widget): from n/a through 2.2.3.
Cross-Site Request Forgery (CSRF) vulnerability in Infomaniak Staff VOD Infomaniak allows Cross Site Request Forgery.This issue affects VOD Infomaniak: from n/a through 1.5.7.
Cross-Site Request Forgery (CSRF) vulnerability in Seriously Simple Podcasting plugin <= 2.16.0 at WordPress, leading to plugin settings change.
Cross-Site Request Forgery (CSRF) vulnerability in GiveWP.This issue affects GiveWP: from n/a through 3.15.1.
Cross-Site Request Forgery (CSRF) vulnerability in a3rev Software Page View Count plugin <= 2.5.5 on WordPress allows an attacker to reset the plugin settings.
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in All in One SEO plugin <= 4.2.3.1 at WordPress.
Cross-Site Request Forgery (CSRF) vulnerability in Vinoj Cardoza's Captcha Code plugin <= 2.7 at WordPress.
Cross-Site Request Forgery (CSRF) vulnerability in AlgolPlus Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.3 at WordPress.
Cross-Site Request Forgery (CSRF) vulnerability Backup Scheduler plugin <= 1.5.13 at WordPress.
Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing plugin <= 1.4.4 versions.
Cross-Site Request Forgery (CSRF) vulnerability in Shortcodes Ultimate plugin <= 5.12.0 at WordPress leading to plugin preset settings change.
Cross-Site Request Forgery (CSRF) vulnerability in Social Login WP plugin <= 5.0.0.0 versions.
Cross-Site Request Forgery (CSRF) vulnerability in Kraken.io Image Optimizer plugin <= 2.6.5 at WordPress.
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in RD Station plugin <= 5.2.0 at WordPress.
Cross-Site Request Forgery (CSRF) vulnerability in WebinarPress allows Cross-Site Scripting (XSS).This issue affects WebinarPress: from n/a through 1.33.20.
Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes WordPress Header Builder Plugin – Pearl plugin <= 1.3.4 versions.
Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Team SpeedyCache.This issue affects SpeedyCache: from n/a through 1.1.8.
Cross-Site Request Forgery (CSRF) vulnerabilities in WPChill Gallery PhotoBlocks plugin <= 1.2.6 at WordPress.
Cross-Site Request Forgery (CSRF) vulnerability in PINPOINT.WORLD Pinpoint Booking System allows Stored XSS.This issue affects Pinpoint Booking System: from n/a through 2.9.9.5.1.
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in W3 Eden Download Manager plugin <= 3.2.48 at WordPress.
Cross-Site Request Forgery (CSRF) vulnerability in SEO Scout plugin <= 0.9.83 at WordPress allows attackers to trick users with administrative rights to unintentionally change the plugin settings.
Cross-Site Request Forgery (CSRF) vulnerability in TinyPNG.This issue affects TinyPNG: from n/a through 3.4.3.
Cross-Site Request Forgery (CSRF) vulnerability in YDS Support Ticket System plugin <= 1.0 at WordPress.
Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Contact Form Widget allows Cross Site Request Forgery.This issue affects Contact Form Widget: from n/a through 1.4.2.
Cross-Site Request Forgery (CSRF) vulnerability in wp.insider Simple Membership WP user Import simple-membership-wp-user-import allows Cross Site Request Forgery.This issue affects Simple Membership WP user Import: from n/a through <= 1.9.1.
Cross-Site Request Forgery (CSRF) vulnerability in Saturday Drive Ninja Forms allows Cross Site Request Forgery.This issue affects Ninja Forms: from n/a through 3.8.6.
Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Custom Twitter Feeds (Tweets Widget) plugin <= 1.8.4 versions.
Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users into performing an action they didn't intend to perform under their current authentication. This issue has been addressed in release version 1.8.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6, contain(s) a Cross-Site Request Forgery Vulnerability. A(n) remote unauthenticated attacker could potentially exploit this vulnerability, leading to processing of unintended server operations.
Cross-Site Request Forgery (CSRF) vulnerability in MBE Worldwide S.p.A. MBE eShip allows Cross Site Request Forgery.This issue affects MBE eShip: from n/a through 2.1.2.
Cross-Site Request Forgery (CSRF) vulnerability in BUDDYBOSS LLC BuddyBoss Theme allows Cross Site Request Forgery.This issue affects BuddyBoss Theme: from n/a through 2.4.61.
Cross-Site Request Forgery (CSRF) vulnerability in WPdevelop/Oplugins Booking Calendar plugin <= 9.2.1 at WordPress leading to Translations Update.
Cross-Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Toolkit Pro for LearnDash allows Cross Site Request Forgery.This issue affects Uncanny Toolkit Pro for LearnDash: from n/a before 4.1.4.1.
Cross-Site Request Forgery (CSRF) vulnerability in Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme pawfriends allows Cross Site Request Forgery.This issue affects PawFriends - Pet Shop and Veterinary WordPress Theme: from n/a through <= 1.3.