Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-20 | CVE-2020-36751 | Cross-Site Request Forgery (CSRF) vulnerability in Jesseeproductions Coupon Creator The Coupon Creator plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.1. | 4.3 |
| 2023-10-20 | CVE-2020-36753 | Cross-Site Request Forgery (CSRF) vulnerability in Presscustomizr Hueman The Hueman theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.6.3. | 4.3 |
| 2023-10-20 | CVE-2020-36754 | Cross-Site Request Forgery (CSRF) vulnerability in Strangerstudios Paid Memberships PRO The Paid Memberships Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4.2. | 4.3 |
| 2023-10-20 | CVE-2020-36755 | Cross-Site Request Forgery (CSRF) vulnerability in Presscustomizr Customizr The Customizr theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.3.0. | 4.3 |
| 2023-10-20 | CVE-2020-36758 | Cross-Site Request Forgery (CSRF) vulnerability in Themeisle RSS Aggregator BY Feedzy The RSS Aggregator by Feedzy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.4.2. | 4.3 |
| 2023-10-20 | CVE-2020-36759 | Cross-Site Request Forgery (CSRF) vulnerability in Cm-Wp Woody Code Snippets The Woody code snippets plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.3.9. | 4.3 |
| 2023-10-20 | CVE-2021-4418 | Cross-Site Request Forgery (CSRF) vulnerability in Wpfactory Custom Css, JS & PHP 2.0.7 The Custom CSS, JS & PHP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.7. | 4.3 |
| 2023-10-20 | CVE-2022-2441 | Cross-Site Request Forgery (CSRF) vulnerability in Orangelab Imagemagick Engine The ImageMagick Engine plugin for WordPress is vulnerable to remote code execution via the 'cli_path' parameter in versions up to, and including 1.7.5. | 8.8 |
| 2023-10-20 | CVE-2023-4923 | Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3. | 4.3 |
| 2023-10-20 | CVE-2023-4924 | Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. | 4.3 |