Cross-Site Request Forgery (CSRF) vulnerability in Serhii Pasyuk Gmedia Photo Gallery allows Cross Site Request Forgery.This issue affects Gmedia Photo Gallery: from n/a through 1.24.1.
Cross-Site Request Forgery (CSRF) vulnerability in yonifre Lenix scss compiler allows Cross Site Request Forgery. This issue affects Lenix scss compiler: from n/a through 1.2.
The Seraphinite Accelerator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.27.21. This is due to missing or incorrect nonce validation on the 'OnAdminApi_CacheOpBegin' function. This makes it possible for unauthenticated attackers to perform several administrative actions, including deleting the cache, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Cross-Site Request Forgery (CSRF) vulnerability in instapagedev Instapage Plugin allows Cross Site Request Forgery. This issue affects Instapage Plugin: from n/a through 3.5.12.
Cross-Site Request Forgery (CSRF) vulnerability in Alexufo Youtube SpeedLoad plugin <= 0.6.3 versions.
Cross-Site Request Forgery (CSRF) vulnerability in Galaxy Weblinks Post Featured Video allows Cross Site Request Forgery. This issue affects Post Featured Video: from n/a through 1.7.
Cross-Site Request Forgery (CSRF) vulnerability in SwitchWP WP Client Reports.This issue affects WP Client Reports: from n/a through 1.0.22.
Cross-Site Request Forgery (CSRF) vulnerability in Joovii Sendle Shipping allows Cross Site Request Forgery. This issue affects Sendle Shipping: from n/a through 6.02.
Cross-Site Request Forgery (CSRF) vulnerability in cleverplugins.Com SEO Booster.This issue affects SEO Booster: from n/a through 3.8.9.
Cross-Site Request Forgery (CSRF) vulnerability in YITH YITH WooCommerce Compare.This issue affects YITH WooCommerce Compare: from n/a through 2.37.0.
Cross-Site Request Forgery (CSRF) vulnerability in Thomas Belser Asgaros Forum.This issue affects Asgaros Forum: from n/a through 2.8.0.
Cross-Site Request Forgery (CSRF) vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 4.0.27.
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Canada Post Shipping Method.This issue affects Canada Post Shipping Method: from n/a through 2.8.3.
Cross-Site Request Forgery (CSRF) vulnerability in Link Whisper Link Whisper Free.This issue affects Link Whisper Free: from n/a through 0.6.9.
Cross-Site Request Forgery (CSRF) vulnerability in WP Compress WP Compress – Image Optimizer [All-In-One].This issue affects WP Compress – Image Optimizer [All-In-One]: from n/a through 6.10.35.
Cross-Site Request Forgery (CSRF) vulnerability in BracketSpace Simple Post Notes.This issue affects Simple Post Notes: from n/a through 1.7.6.
Cross-Site Request Forgery (CSRF) vulnerability in wpWax Legal Pages.This issue affects Legal Pages: from n/a through 1.4.2.
Cross-Site Request Forgery (CSRF) vulnerability in Octolize USPS Shipping for WooCommerce – Live Rates.This issue affects USPS Shipping for WooCommerce – Live Rates: from n/a through 1.9.2.
Cross-Site Request Forgery (CSRF) vulnerability in Tyche Softwares Order Delivery Date for WooCommerce.This issue affects Order Delivery Date for WooCommerce: from n/a through 3.20.2.
Cross-Site Request Forgery (CSRF) vulnerability in Themeinwp NewsXpress.This issue affects NewsXpress: from n/a through 1.0.7.
Cross-Site Request Forgery (CSRF) vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.18.1.
Cross-Site Request Forgery (CSRF) vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd.This issue affects Coming Soon Page, Under Construction & Maintenance Mode by SeedProd: from n/a through 6.15.20.
Cross-Site Request Forgery (CSRF) vulnerability in CoSchedule Headline Analyzer.This issue affects Headline Analyzer: from n/a through 1.3.3.
Cross-Site Request Forgery (CSRF) vulnerability in Libsyn Libsyn Publisher Hub.This issue affects Libsyn Publisher Hub: from n/a through 1.4.4.
Cross-Site Request Forgery (CSRF) vulnerability in XLPlugins Finale Lite.This issue affects Finale Lite: from n/a through 2.18.0.
Cross-Site Request Forgery (CSRF) vulnerability in Scott Kingsley Clark Crony Cronjob Manager.This issue affects Crony Cronjob Manager: from n/a through 0.5.0.
Cross-Site Request Forgery (CSRF) vulnerability in RedNao Extra Product Options Builder for WooCommerce.This issue affects Extra Product Options Builder for WooCommerce: from n/a through 1.2.104.
Cross-Site Request Forgery (CSRF) vulnerability in Etoile Web Design Ultimate Product Catalogue.This issue affects Ultimate Product Catalogue: from n/a through 5.2.15.
Cross-Site Request Forgery (CSRF) vulnerability in Anton Aleksandrov WordPress Hosting Benchmark tool.This issue affects WordPress Hosting Benchmark tool: from n/a through 1.3.6.
Cross-Site Request Forgery (CSRF) vulnerability in Leadinfo leadinfo. The patch was released under the same version which was reported as vulnerable. We consider the current version as vulnerable.This issue affects Leadinfo: from n/a through 1.0.
Cross-Site Request Forgery (CSRF) vulnerability in Soflyy Import any XML or CSV File to WordPress.This issue affects Import any XML or CSV File to WordPress: from n/a through 3.7.3.
Cross-Site Request Forgery (CSRF) vulnerability in Zoho Campaigns.This issue affects Zoho Campaigns: from n/a through 2.0.7.
Cross-Site Request Forgery (CSRF) vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1.
Cross-Site Request Forgery (CSRF) vulnerability in Exactly WWW EWWW Image Optimizer.This issue affects EWWW Image Optimizer: from n/a through 7.2.3.
Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Smash Balloon Social Post Feed.This issue affects Smash Balloon Social Post Feed: from n/a through 4.2.1.
A vulnerability was found in DedeCMS 5.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /src/dede/makehtml_spec.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258919. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.11.
Cross-Site Request Forgery (CSRF) vulnerability in Easy Social Feed.This issue affects Easy Social Feed: from n/a through 6.5.6.
Cross-Site Request Forgery (CSRF) vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8.
Cross-Site Request Forgery (CSRF) vulnerability in The Events Calendar.This issue affects The Events Calendar: from n/a through 6.3.0.
Unauthenticated Cross Site Request Forgery (CSRF) in Post Views Counter <= 1.4.4 versions.
Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by PeepSo.This issue affects Community by PeepSo: from n/a through 6.3.1.1.
A vulnerability was found in Clavister E10 and E80 up to 14.00.10 and classified as problematic. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 14.00.11 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-258917 was assigned to this vulnerability.
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WPCS.This issue affects WPCS: from n/a through 1.2.0.1.
Cross-Site Request Forgery (CSRF) vulnerability in LifterLMS.This issue affects LifterLMS: from n/a through 7.5.0.
Cross-Site Request Forgery (CSRF) vulnerability in Arnan de Gans No-Bot Registration.This issue affects No-Bot Registration: from n/a through 1.9.1.
Cross-Site Request Forgery (CSRF) vulnerability in ThemeLocation Custom WooCommerce Checkout Fields Editor.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through 1.3.0.
Cross-Site Request Forgery (CSRF) vulnerability in AppPresser Team AppPresser.This issue affects AppPresser: from n/a through 4.3.0.
Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in AWeber AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth allows Accessing Functionality Not Properly Constrained by ACLs, Cross-Site Request Forgery.This issue affects AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth: from n/a through 7.3.9.
Delta Electronics DIAEnergie Version 1.7.5 and prior is vulnerable to cross-site request forgery, which may allow an attacker to cause a user to carry out an action unintentionally.