Total
4240 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10903 | 1 Godaddy | 1 Godaddy Email Marketing | 2019-08-23 | 6.8 MEDIUM | 8.8 HIGH |
| The GoDaddy godaddy-email-marketing-sign-up-forms plugin before 1.1.3 for WordPress has CSRF. | |||||
| CVE-2019-14216 | 1 Wp Svg Icons Project | 1 Wp Svg Icons | 2019-08-23 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in the svg-vector-icon-plugin (aka WP SVG Icons) plugin through 3.2.1 for WordPress. wp-admin/admin.php?page=wp-svg-icons-custom-set mishandles Custom Icon uploads. CSRF leads to upload of a ZIP archive containing a .php file. | |||||
| CVE-2016-10902 | 1 Gowebsolutions | 1 Wp Customer Reviews | 2019-08-22 | 6.8 MEDIUM | 8.8 HIGH |
| The wp-customer-reviews plugin before 3.0.9 for WordPress has CSRF in the admin tools. | |||||
| CVE-2017-18569 | 1 Mythemeshop | 1 My Wp Translate | 2019-08-22 | 6.8 MEDIUM | 8.8 HIGH |
| The my-wp-translate plugin before 1.0.4 for WordPress has CSRF. | |||||
| CVE-2017-18523 | 1 Eelv Newsletter Project | 1 Eelv Newsletter | 2019-08-22 | 6.8 MEDIUM | 8.8 HIGH |
| The eelv-newsletter plugin before 4.6.1 for WordPress has CSRF in the address book. | |||||
| CVE-2016-10914 | 1 Add From Server Project | 1 Add From Server | 2019-08-22 | 6.8 MEDIUM | 8.8 HIGH |
| The add-from-server plugin before 3.3.2 for WordPress has CSRF for importing a large file. | |||||
| CVE-2019-15238 | 1 Cformsii Project | 1 Cformsii | 2019-08-22 | 6.8 MEDIUM | 8.8 HIGH |
| The cforms2 plugin before 15.0.2 for WordPress has CSRF related to the IP address field. | |||||
| CVE-2019-14682 | 1 Acf\ | 1 Better Search Project | 2019-08-22 | 4.3 MEDIUM | 4.3 MEDIUM |
| The acf-better-search (aka ACF: Better Search) plugin before 3.3.1 for WordPress allows wp-admin/options-general.php?page=acfbs_admin_page CSRF. | |||||
| CVE-2016-10885 | 1 Wp Editor Project | 1 Wp Editor | 2019-08-22 | 6.8 MEDIUM | 8.8 HIGH |
| The wp-editor plugin before 1.2.6 for WordPress has CSRF. | |||||
| CVE-2015-9332 | 1 Wordpress Uninstall Project | 1 Wordpress Uninstall | 2019-08-22 | 5.8 MEDIUM | 6.5 MEDIUM |
| The uninstall plugin before 1.2 for WordPress has CSRF to delete all tables via the wp-admin/admin-ajax.php?action=uninstall URI. | |||||
| CVE-2015-9322 | 1 Erident Custom Login And Dashboard Project | 1 Erident Custom Login And Dashboard | 2019-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| The erident-custom-login-and-dashboard plugin before 3.5 for WordPress has CSRF. | |||||
| CVE-2016-10915 | 1 Supsystic | 1 Popup | 2019-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| The popup-by-supsystic plugin before 1.7.9 for WordPress has CSRF. | |||||
| CVE-2011-5328 | 1 User Access Manager Project | 1 User Access Manager | 2019-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| The user-access-manager plugin before 1.2 for WordPress has CSRF. | |||||
| CVE-2014-10381 | 1 User Domain Whitelist Project | 1 User Domain Whitelist | 2019-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| The user-domain-whitelist plugin before 1.5 for WordPress has CSRF. | |||||
| CVE-2017-18547 | 1 Neliosoftware | 1 Nelio Ab Testing | 2019-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| The nelio-ab-testing plugin before 4.6.4 for WordPress has CSRF in experiment forms. | |||||
| CVE-2018-20971 | 1 Churchadminplugin | 1 Church Admin | 2019-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| The church-admin plugin before 1.2550 for WordPress has CSRF affecting the upload of a bible reading plan. | |||||
| CVE-2017-18546 | 1 Jayj Quicktag Project | 1 Jayj Quicktag | 2019-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| The jayj-quicktag plugin before 1.3.2 for WordPress has CSRF. | |||||
| CVE-2017-18544 | 1 Invite Anyone Project | 1 Invite Anyone | 2019-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF. | |||||
| CVE-2018-20972 | 1 Codeermeneer | 1 Companion Auto Update | 2019-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| The companion-auto-update plugin before 3.2.1 for WordPress has CSRF. | |||||
| CVE-2018-20974 | 1 Joomsky | 1 Js Job Manager | 2019-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| The js-jobs plugin before 1.0.7 for WordPress has CSRF. | |||||