Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-18 | CVE-2023-48773 | Cross-Site Request Forgery (CSRF) vulnerability in Wpdoctor Woocommerce Login Redirect 2.2.4 Cross-Site Request Forgery (CSRF) vulnerability in WP Doctor WooCommerce Login Redirect.This issue affects WooCommerce Login Redirect: from n/a through 2.2.4. | 8.8 |
| 2023-12-18 | CVE-2023-48778 | Cross-Site Request Forgery (CSRF) vulnerability in Villatheme Product Size Chart for Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Product Size Chart For WooCommerce.This issue affects Product Size Chart For WooCommerce: from n/a through 1.1.5. | 8.8 |
| 2023-12-18 | CVE-2023-48781 | Cross-Site Request Forgery (CSRF) vulnerability in Marketingrapel Mkrapel Regiones Y Ciudades DE Chile Para WC Cross-Site Request Forgery (CSRF) vulnerability in Marketing Rapel MkRapel Regiones y Ciudades de Chile para WC.This issue affects MkRapel Regiones y Ciudades de Chile para WC: from n/a through 4.3.0. | 8.8 |
| 2023-12-18 | CVE-2023-49148 | Cross-Site Request Forgery (CSRF) vulnerability in Affiliatebooster Affiliate Booster Cross-Site Request Forgery (CSRF) vulnerability in Kulwant Nagi Affiliate Booster – Pros & Cons, Notice, and CTA Blocks for Affiliates.This issue affects Affiliate Booster – Pros & Cons, Notice, and CTA Blocks for Affiliates: from n/a through 3.0.5. | 8.8 |
| 2023-12-18 | CVE-2023-5882 | Cross-Site Request Forgery (CSRF) vulnerability in Soflyy products The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0, WP All Export Pro WordPress plugin before 1.8.6 does not check nonce tokens early enough in the request lifecycle, allowing attackers to make logged in users perform unwanted actions leading to remote code execution. | 8.8 |
| 2023-12-18 | CVE-2023-5886 | Cross-Site Request Forgery (CSRF) vulnerability in Soflyy products The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0, WP All Export Pro WordPress plugin before 1.8.6 does not check nonce tokens early enough in the request lifecycle, allowing attackers with the ability to upload files to make logged in users perform unwanted actions leading to PHAR deserialization, which may lead to remote code execution. | 8.8 |
| 2023-12-18 | CVE-2023-46617 | Cross-Site Request Forgery (CSRF) vulnerability in Wpfoxly Adfoxly 1.8.5 Cross-Site Request Forgery (CSRF) vulnerability in AdFoxly AdFoxly – Ad Manager, AdSense Ads & Ads.Txt.This issue affects AdFoxly – Ad Manager, AdSense Ads & Ads.Txt: from n/a through 1.8.5. | 8.8 |
| 2023-12-18 | CVE-2023-48762 | Cross-Site Request Forgery (CSRF) vulnerability in Crocoblock Jetelements for Elementor Cross-Site Request Forgery (CSRF) vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.13. | 8.8 |
| 2023-12-18 | CVE-2023-48766 | Cross-Site Request Forgery (CSRF) vulnerability in Svgator Cross-Site Request Forgery (CSRF) vulnerability in SVGator SVGator – Add Animated SVG Easily.This issue affects SVGator – Add Animated SVG Easily: from n/a through 1.2.4. | 8.8 |
| 2023-12-18 | CVE-2023-33214 | Cross-Site Request Forgery (CSRF) vulnerability in Taggbox 2.9 Cross-Site Request Forgery (CSRF) vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1. | 8.8 |