The Fast & Fancy Filter – 3F plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.2.2. This is due to missing nonce verification in the saveFields() funct
The FunKItools plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to missing or incorrect nonce validation on the saveFields() fu
The cForms – Light speed fast Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.0. This is due to missing or incorrect nonce valid
The Neos Connector for Fakturama plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 0.0.14. This is due to missing nonce validation in the ncff_add_pl
The WIP Incoming Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the save_opt
The Publish approval plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the publish_sav
The WP2HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to missing or incorrect nonce validation on the save() function. T
The Friendly Functions for Welcart plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.5. This is due to missing or incorrect nonce validation on
The Plugin updates blocker plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2. This is due to missing or incorrect nonce validation on the pub_s
The Password for WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the get3_init_ad
The Trust Reviews plugin for Google, Tripadvisor, Yelp, Airbnb and other platforms plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is d
The Advanced Database Cleaner plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.6. This is due to missing or incorrect nonce validation on the
The Peter’s Custom Anti-Spam plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.3. This is due to missing nonce validation on the cas_register_p
The WordPress Automatic Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.118.0. This is due to missing or incorrect nonce validation on o
The SureForms plugin for WordPress is vulnerable to Cross-Site Request Forgery Bypass in all versions up to, and including, 1.13.1. This is due to the plugin distributing generic WordPress REST API no
The Call To Action Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.3. This is due to missing nonce validation in the cbox_options_page
The Advanced AJAX Product Filters plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'nonce' parameter in all versions up to, and including, 1.6.8.1 due to insufficient input
The Simple Crypto Shortcodes plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.2. This is due to missing nonce validation on the scs_backend functi
The Coding Blocks plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing nonce validation on the settings update functiona
The Easy Flashcards plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.1. This is due to missing or incorrect nonce validation on the 'ef_settings
Page 1+ Next →