Cross-Site Request Forgery (CSRF) vulnerability in Rextheme WP VR – 360 Panorama and Virtual Tour Builder For WordPress plugin <= 8.2.7 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Tomas | Docs | FAQ | Premium Support WordPress Tooltips.This issue affects WordPress Tooltips: from n/a through 8.2.5.

Cross-Site Request Forgery (CSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.24.1 versions.

Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin <= 8.0.10 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Podcast Publisher plugin <= 3.8.3 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Meks Video Importer, Meks Time Ago, Meks ThemeForest Smart Widget, Meks Smart Author Widget, Meks Audio Player, Meks Easy Maps, Meks Easy Photo Feed Widget, Meks Simple Flickr Widget, Meks Easy Ads Widget, Meks Smart Social Widget plugins leading to dismiss or the popup.

Cross-Site Request Forgery (CSRF) vulnerability in Oliver Seidel, Bastian Germann cformsII plugin <= 15.0.4 versions.

IBM Cloud Pak System 2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 158015.

Cross-Site Request Forgery (CSRF) vulnerability in utahta WP Social Bookmarking Light plugin <= 2.0.7 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog posts] plugin <= 3.1.0 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart plugin <= 6.11.3 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Denishua Comment Reply Notification plugin <= 1.4 versions.

Cross-Site Request Forgery (CSRF) vulnerability in SlickRemix Feed Them Social plugin <= 3.0.2 versions.

Cross-Site Request Forgery (CSRF) vulnerability in 984.Ru For the visually impaired plugin <= 0.58 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Webbjocke Simple Wp Sitemap.This issue affects Simple Wp Sitemap: from n/a through 1.2.1.

Cross-Site Request Forgery (CSRF) vulnerability in BoLiQuan WP Clean Up plugin <= 1.2.3 versions.

The Greeklish-permalink WordPress plugin through 3.3 does not implement correct authorization or nonce checks in the cyrtrans_ajax_old AJAX action, allowing unauthenticated and low-privilege users to trigger the plugin's functionality to change Post slugs either directly or through CSRF.

Cross-Site Request Forgery (CSRF) vulnerability in tiggersWelt.Net Worthy plugin <= 1.6.5-6497609 versions.

Cross-Site Request Forgery (CSRF) vulnerability in akhlesh-nagar, a.Ankit Social Media Icons Widget plugin <= 1.6 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button Generator – easily Button Builder plugin <= 2.3.5 versions.

Cross-Site Request Forgery (CSRF) vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.11 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Inkthemescom ColorWay theme <= 4.2.3 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google XML Sitemap for Videos plugin <= 2.6.1 versions.

A vulnerability has been found in Rebuild 3.2 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to change the configuration settings. VDB-227866 is the identifier assigned to this vulnerability.

Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Organization chart <= 1.4.4 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Schema – All In One Schema Rich Snippets plugin <= 1.6.5 versions.

Cross-Site Request Forgery (CSRF) vulnerability in A2 Hosting A2 Optimized WP plugin <= 3.0.4 versions.

Cross-Site Request Forgery (CSRF) vulnerability in TheOnlineHero - Tom Skroza Admin Block Country plugin <= 7.1.4 versions.

Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Menu plugin <= 1.2.1 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash plugin <= 3.6.4.1 versions.

Cross-Site Request Forgery (CSRF) vulnerability in AutomatorWP plugin <= 2.5.0 leads to object delete.

Cross-Site Request Forgery (CSRF) vulnerability in HasTheme WishSuite plugin <= 1.3.3 versions.

Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Really Simple Google Tag Manager plugin <= 1.0.6 versions.

Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin WordPress Books Gallery plugin <= 4.4.8 versions.

Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Swatchly plugin <= 1.2.0 versions.

Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Album Gallery – WordPress Gallery plugin <= 1.4.9 versions.

Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Extensions For CF7 plugin <= 2.0.8 versions leads to arbitrary plugin activation.

Cross-Site Request Forgery (CSRF) vulnerability in Checkout Plugins Stripe Payments For WooCommerce plugin <= 1.4.10 leads to settings change.

Cross-Site Request Forgery (CSRF) vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.5.14 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google XML Sitemap for Mobile plugin <= 1.6.1 versions.

Cross-Site Request Forgery (CSRF) vulnerability in David Gwyer Admin Log plugin <= 1.50 versions.

Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Feed plugin <= 1.2.7 versions.

Cross-Site Request Forgery (CSRF) vulnerability in HasThemes JustTables plugin <= 1.4.9 versions.

Cross-Site Request Forgery (CSRF) vulnerability in MainWP Matomo Extension <= 4.0.4 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Manoj Thulasidas Theme Tweaker plugin <= 5.20 versions.

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a cross-site request forgery in the Splunk Secure Gateway (SSG) app in the ‘kvstore_client’ REST endpoint lets a potential attacker update SSG KV store collections using an HTTP GET request.

Cross-Site Request Forgery (CSRF) vulnerability in Premmerce Premmerce Redirect Manager plugin <= 1.0.9 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Ozette Plugins Simple Mobile URL Redirect plugin <= 1.7.2 versions.

Cross-Site Request Forgery (CSRF) vulnerability in yonifre Maspik – Spam Blacklist plugin <= 0.7.8 versions.

Cross-Site Request Forgery (CSRF) vulnerability in a3rev Software Contact Us Page – Contact People plugin <= 3.7.0.