Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.4. This is due t
Cross-Site Request Forgery (CSRF) vulnerability in maennchen1.de wpShopGermany IT-RECHT KANZLEI wpshopgermany-it-recht-kanzlei allows Cross Site Request Forgery.This issue affects wpShopGermany IT-REC
Cross-Site Request Forgery (CSRF) vulnerability in CleverReach® Official CleverReach Plugin for WooCommerce cleverreach-wc allows Cross Site Request Forgery.This issue affects Official CleverReach Plu
WordPress Lazy Content Slider Plugin 3.4 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions by crafting malicious HTML forms. Attackers can trick
iDS6 DSSPro Digital Signage System 6.2 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without request validation. Attackers can craft malic
Wowza Streaming Engine 4.5.0 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions by crafting malicious web pages. Attackers can trick logged-in
Cross Site Request Forgery (CSRF) vulnerability in CS Cart 4.18.3, allows attackers to add products to a user's comparison list via a crafted HTTP request.
b2evolution 7.2.2 contains a cross-site request forgery vulnerability that allows attackers to modify admin account details without authentication. Attackers can craft a malicious HTML form to submit
Cross-Site Request Forgery (CSRF) vulnerability in ilGhera Woocommerce Support System allows Cross Site Request Forgery.This issue affects Woocommerce Support System: from n/a through 1.2.2.
Cross-Site Request Forgery (CSRF) vulnerability in mklacroix Product Configurator for WooCommerce product-configurator-for-woocommerce allows Cross Site Request Forgery.This issue affects Product Conf
A “CWE-352: Cross-Site Request Forgery (CSRF)” can be exploited by remote attackers to perform state-changing operations with administrative privileges by luring authenticated victims into visiting a
Nodcms contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious forms. Attackers can trick authenticated administr
Ecessa WANWorx WVR-30 versions before 10.7.4 contain a cross-site request forgery vulnerability that allows attackers to perform administrative actions without request validation. Attackers can craft
A Cross-Site Request Forgery (CSRF) in the component /endpoints/currency/currency of Wallos v4.1.1 allows attackers to execute arbitrary operations via a crafted GET request.
WordPress More Fields Plugin 2.1 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions by disabling CSRF token validation. Attackers can craft malic
PHP-SHOP 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to add administrative users by crafting malicious HTML forms. Attackers can trick authenticated a
A Cross-Site Request Forgery (CSRF) in the component categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.
Quick.Cart is vulnerable to Cross-Site Request Forgery in product creation functionality. Malicious attacker can craft special website, which when visited by the admin, will automatically send a POST
Cross-Site request forgery (CSRF) vulnerability in weDevs WooCommerce Conversion Tracking allows Cross Site Request Forgery. This issue affects WooCommerce Conversion Tracking: from n/a through 2.0.1
Cross-Site Request Forgery (CSRF) vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders all