Total
8118 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-37973 | 1 Replace Word Project | 1 Replace Word | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in David Pokorny Replace Word plugin <= 2.1 versions. | ||||
| CVE-2023-37964 | 1 Jenkins | 1 Elasticbox Ci | 2024-11-21 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins ElasticBox CI Plugin 5.0.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||
| CVE-2023-37962 | 1 Jenkins | 1 Benchmark Evaluator | 2024-11-21 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier allows attackers to connect to an attacker-specified URL and to check for the existence of directories, `.csv`, and `.ycsb` files on the Jenkins controller file system. | ||||
| CVE-2023-37961 | 1 Jenkins | 1 Assembla | 2024-11-21 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Assembla Auth Plugin 1.14 and earlier allows attackers to trick users into logging in to the attacker's account. | ||||
| CVE-2023-37958 | 1 Jenkins | 1 Sumologic Publisher | 2024-11-21 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Sumologic Publisher Plugin 2.2.1 and earlier allows attackers to connect to an attacker-specified URL. | ||||
| CVE-2023-37957 | 1 Jenkins | 1 Pipeline Restful Api | 2024-11-21 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Pipeline restFul API Plugin 0.11 and earlier allows attackers to connect to an attacker-specified URL, capturing a newly generated JCLI token. | ||||
| CVE-2023-37955 | 1 Jenkins | 1 Test Results Aggregator | 2024-11-21 | 6.5 Medium |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Test Results Aggregator Plugin 1.2.13 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials. | ||||
| CVE-2023-37954 | 1 Jenkins | 1 Rebuilder | 2024-11-21 | 4.3 Medium |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Rebuilder Plugin 320.v5a_0933a_e7d61 and earlier allows attackers to rebuild a previous build. | ||||
| CVE-2023-37952 | 1 Jenkins | 1 Mabl | 2024-11-21 | 6.5 Medium |
| A cross-site request forgery (CSRF) vulnerability in Jenkins mabl Plugin 0.0.46 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||
| CVE-2023-37892 | 1 Pluginpress | 1 Shortcode Imdb | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Kemal YAZICI - PluginPress Shortcode IMDB plugin <= 6.0.8 versions. | ||||
| CVE-2023-37891 | 1 Optimonk | 1 Optimonk\ | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in OptiMonk OptiMonk: Popups, Personalization & A/B Testing plugin <= 2.0.4 versions. | ||||
| CVE-2023-37889 | 1 Wpadmin | 1 Aws Cdn | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WPAdmin WPAdmin AWS CDN plugin <= 2.0.13 versions. | ||||
| CVE-2023-37650 | 1 Agentejo | 1 Cockpit | 2024-11-21 | 8.8 High |
| A Cross-Site Request Forgery (CSRF) in the Admin portal of Cockpit CMS v2.5.2 allows attackers to execute arbitrary Administrator commands. | ||||
| CVE-2023-37598 | 1 Issabel | 1 Pbx | 2024-11-21 | 4.5 Medium |
| A Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete new virtual fax function. | ||||
| CVE-2023-37597 | 1 Issabel | 1 Pbx | 2024-11-21 | 8.1 High |
| Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete user grouplist function. | ||||
| CVE-2023-37596 | 1 Issabel | 1 Pbx | 2024-11-21 | 8.1 High |
| Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via a crafted script to the deleteuser function. | ||||
| CVE-2023-37562 | 1 Elecom | 4 Wtc-c1167gc-b, Wtc-c1167gc-b Firmware, Wtc-c1167gc-w and 1 more | 2024-11-21 | 8.8 High |
| Cross-site request forgery (CSRF) vulnerability in exists in WTC-C1167GC-B v1.17 and earlier, and WTC-C1167GC-W v1.17 and earlier. If a user views a malicious page while logged in, unintended operations may be performed. | ||||
| CVE-2023-37392 | 1 Wp Dummy Content Generator Project | 1 Wp Dummy Content Generator | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Deepak Anand WP Dummy Content Generator plugin <= 2.3.0 versions. | ||||
| CVE-2023-37387 | 1 Radiustheme | 1 Classified Listing | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme Classified Listing plugin <= 2.4.5 versions. | ||||
| CVE-2023-37386 | 1 Codexin | 1 Media Library Helper | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Media Library Helper plugin <= 1.2.0 versions. | ||||