Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by CWE-352
Total 4240 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-15113 1 Codeermeneer 1 Companion Sitemap Generator 2019-08-21 6.8 MEDIUM 8.8 HIGH
The companion-sitemap-generator plugin before 3.7.0 for WordPress has CSRF.
CVE-2019-15114 1 Ncrafts 1 Formcraft 2019-08-21 6.8 MEDIUM 8.8 HIGH
The formcraft-form-builder plugin before 1.2.2 for WordPress has CSRF.
CVE-2019-14681 1 Deny All Firewall Project 1 Deny All Firewall 2019-08-20 6.8 MEDIUM 8.8 HIGH
The Deny All Firewall plugin before 1.1.7 for WordPress allows wp-admin/options-general.php?page=daf_settings&daf_remove=true CSRF.
CVE-2013-7476 1 Simple Fields Project 1 Simple Fields 2019-08-20 6.8 MEDIUM 8.8 HIGH
The simple-fields plugin before 1.2 for WordPress has CSRF in the admin interface.
CVE-2016-10883 1 Mijnpress 1 Simple Add Pages Or Posts 2019-08-20 5.8 MEDIUM 6.5 MEDIUM
The simple-add-pages-or-posts plugin before 1.7 for WordPress has CSRF for deleting users.
CVE-2017-18512 1 Supsystic 1 Newsletter By Supsystic 2019-08-20 6.8 MEDIUM 8.8 HIGH
The newsletter-by-supsystic plugin before 1.1.8 for WordPress has CSRF.
CVE-2017-18511 1 Wpmudev 1 Custom Sidebars 2019-08-20 6.8 MEDIUM 8.8 HIGH
The custom-sidebars plugin before 3.0.8.1 for WordPress has CSRF.
CVE-2017-18510 1 Wpmudev 1 Custom Sidebars 2019-08-20 6.8 MEDIUM 8.8 HIGH
The custom-sidebars plugin before 3.1.0 for WordPress has CSRF related to set location, import actions, and export actions.
CVE-2018-20968 1 Smackcoders 1 Ultimate Exporter 2019-08-19 6.8 MEDIUM 8.8 HIGH
The wp-ultimate-exporter plugin before 1.4.2 for WordPress has CSRF.
CVE-2018-20967 1 Smackcoders 1 Wp Ultimate Csv Importer 2019-08-19 6.8 MEDIUM 8.8 HIGH
The wp-ultimate-csv-importer plugin before 5.6.1 for WordPress has CSRF.
CVE-2016-10882 1 Google Doc Embedder Project 1 Google Doc Embedder 2019-08-19 6.8 MEDIUM 8.8 HIGH
The google-document-embedder plugin before 2.6.2 for WordPress has CSRF.
CVE-2019-14679 1 Reputeinfosystems 1 Arprice Lite 2019-08-19 4.3 MEDIUM 6.5 MEDIUM
core/views/arprice_import_export.php in the ARPrice Lite plugin 2.2 for WordPress allows wp-admin/admin.php?page=arplite_import_export CSRF.
CVE-2016-10863 1 Edimax 4 7237rpd, 7237rpd Firmware, Ew-7438rpn Mini and 1 more 2019-08-16 6.8 MEDIUM 8.8 HIGH
Edimax Wi-Fi Extender devices allow goform/formwlencryptvxd CSRF with resultant PSK key disclosure.
CVE-2017-18504 1 Wpdeveloper 1 Twitter Cards Meta 2019-08-16 6.8 MEDIUM 8.8 HIGH
The twitter-cards-meta plugin before 2.5.0 for WordPress has CSRF.
CVE-2018-20964 1 Codepeople 1 Contact Form Email 2019-08-15 6.8 MEDIUM 8.8 HIGH
The contact-form-to-email plugin before 1.2.66 for WordPress has CSRF.
CVE-2017-18485 1 Elementalpath 2 Cognitoys Dino, Cognitoys Dino Firmware 2019-08-15 5.8 MEDIUM 5.4 MEDIUM
Cognitoys Dino devices allow profiles_add.html CSRF.
CVE-2016-10862 1 Neetcables 2 Airstream Nas, Airstream Nas Firmware 2019-08-15 6.8 MEDIUM 8.8 HIGH
Neet AirStream NAS1.1 devices have a password of ifconfig for the root account. This cannot be changed via the configuration page.
CVE-2015-9292 1 6kbbs 1 6kbbs 2019-08-15 6.8 MEDIUM 8.8 HIGH
6kbbs 7.1 and 8.0 allows CSRF via portalchannel_ajax.php (id or code parameter) or admin.php (fileids parameter).
CVE-2016-10865 1 23systems 1 Lightbox Plus Colorbox 2019-08-15 4.3 MEDIUM 6.1 MEDIUM
The Lightbox Plus Colorbox plugin through 2.7.2 for WordPress has cross-site request forgery (CSRF) via wp-admin/admin.php?page=lightboxplus, as demonstrated by resultant width XSS.
CVE-2016-10876 1 Wpseeds 1 Wp Database Backup 2019-08-14 6.8 MEDIUM 8.8 HIGH
The wp-database-backup plugin before 4.3.1 for WordPress has CSRF.