Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2023-05-23 CVE-2023-2702 Authorization Bypass Through User-Controlled Key vulnerability in Finex Media Competition Management System allows Authentication Abuse, Authentication Bypass.This issue affects Competition Management System: before 23.07.
network
low complexity
CWE-639
8.8
2023-05-23 CVE-2023-2703 Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Finex Media Competition Management System allows Retrieve Embedded Sensitive Data, Collect Data as Provided by Users.This issue affects Competition Management System: before 23.07.
network
low complexity
CWE-359
7.6
2023-05-23 CVE-2022-46851 Cross-Site Request Forgery (CSRF) vulnerability in Brainstormforce Starter Templates
Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Starter Templates plugin <= 3.1.20 versions.
network
low complexity
brainstormforce CWE-352
8.8
2023-05-23 CVE-2022-46853 Cross-Site Request Forgery (CSRF) vulnerability in Radiustheme Post Grid
Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme The Post Grid plugin <= 5.0.4 versions.
network
low complexity
radiustheme CWE-352
8.8
2023-05-23 CVE-2023-23705 Cross-Site Request Forgery (CSRF) vulnerability in Hmplugin Wordpress Books Gallery
Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin WordPress Books Gallery plugin <= 4.4.8 versions.
network
low complexity
hmplugin CWE-352
8.8
2023-05-23 CVE-2023-23713 Cross-Site Request Forgery (CSRF) vulnerability in Theme Tweaker Project Theme Tweaker
Cross-Site Request Forgery (CSRF) vulnerability in Manoj Thulasidas Theme Tweaker plugin <= 5.20 versions.
network
low complexity
theme-tweaker-project CWE-352
8.8
2023-05-23 CVE-2023-25056 Cross-Site Request Forgery (CSRF) vulnerability in Slickremix Feed Them Social
Cross-Site Request Forgery (CSRF) vulnerability in SlickRemix Feed Them Social plugin <= 3.0.2 versions.
network
low complexity
slickremix CWE-352
8.8
2023-05-23 CVE-2023-23706 Cross-Site Request Forgery (CSRF) vulnerability in Miniorange Wordpress Social Login and Register (Discord, Google, Twitter, Linkedin)
Cross-Site Request Forgery (CSRF) vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.5.14 versions.
network
low complexity
miniorange CWE-352
8.8
2023-05-23 CVE-2023-23724 Cross-Site Request Forgery (CSRF) vulnerability in Winwar WP Email Capture
Cross-Site Request Forgery (CSRF) vulnerability in Winwar Media WP Email Capture plugin <= 3.9.3 versions.
network
low complexity
winwar CWE-352
8.8
2023-05-23 CVE-2023-25472 Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podcast Publisher
Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Podcast Publisher plugin <= 3.8.3 versions.
network
low complexity
podlove CWE-352
8.8