Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (9363 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-35091 1 Storeapps 1 Stock Manager For Woocommerce 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in StoreApps Stock Manager for WooCommerce plugin <= 2.10.0 versions.
CVE-2023-35089 1 Really-simple-plugins 1 Recipe Maker For Your Food Blog From Zip Recipes 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.0.7 versions.
CVE-2023-35047 1 Areoi 1 All Bootstrap Blocks 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in AREOI All Bootstrap Blocks plugin <= 1.3.6 versions.
CVE-2023-35044 1 Securimage-wp-fixed Project 1 Securimage-wp-fixed 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Drew Phillips Securimage-WP plugin <= 3.6.16 versions.
CVE-2023-35041 1 Webpushr 1 Web Push Notifications 2024-11-21 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability leading to Local File Inclusion (LF) in Webpushr Web Push Notifications Web Push Notifications – Webpushr plugin <= 4.34.0 versions.
CVE-2023-35038 1 Wpexperts 1 Wp Pdf Generator 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in wpexperts.Io WP PDF Generator plugin <= 1.2.2 versions.
CVE-2023-35030 1 Liferay 2 Dxp, Liferay Portal 2024-11-21 8.8 High
Cross-site request forgery (CSRF) vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.76, and Liferay DXP 7.4 update 70 through 76 allows remote attackers to execute arbitrary code in the scripting console via the `_com_liferay_layout_admin_web_portlet_GroupPagesPortlet_backURL` parameter.
CVE-2023-34386 1 Wpclever 1 Wpc Smart Wishlist For Woocommerce 2024-11-21 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in WPClever WPC Smart Wishlist for WooCommerce plugin <= 4.7.1 versions.
CVE-2023-34384 1 Kebo Twitter Feed Project 1 Kebo Twitter Feed 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Kebo Kebo Twitter Feed plugin <= 1.5.12 versions.
CVE-2023-34378 1 Scriptburn 1 Wp Hide Post 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in scriptburn.Com WP Hide Post plugin <= 2.0.10 versions.
CVE-2023-34373 1 Zephyr Project Manager Project 1 Zephyr Project Manager 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Project Manager plugin <= 3.3.93 versions.
CVE-2023-34371 1 Spamreferrerblock Project 1 Spamreferrerblock 2024-11-21 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in Didier Sampaolo SpamReferrerBlock plugin <= 2.22 versions.
CVE-2023-34182 1 Shawfactor 1 Lh-password-changer 2024-11-21 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in Peter Shaw LH Password Changer plugin <= 1.55 versions.
CVE-2023-34181 1 Wp-cirrus Project 1 Wp-cirrus 2024-11-21 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in WP-Cirrus plugin <= 0.6.11 versions.
CVE-2023-34178 1 Groundhogg 1 Groundhogg 2024-11-21 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in Groundhogg Inc. Groundhogg plugin <= 2.7.11 versions.
CVE-2023-34177 1 Kenthhagstrom 1 Wp-cachecom 2024-11-21 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in Kenth Hagström WP-Cache.Com plugin <= 1.1.1 versions.
CVE-2023-34171 1 Esiteq 1 Wp Report Post 2024-11-21 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in Alex Raven WP Report Post plugin <= 2.1.2 versions.
CVE-2023-34169 1 Sakura 1 Ts Webfonts For Sakura 2024-11-21 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in SAKURA Internet Inc. TS Webfonts for さくらのレンタルサーバ plugin <= 3.1.2 versions.
CVE-2023-34085 1 Pingidentity 1 Pingfederate 2024-11-21 2.6 Low
When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request
CVE-2023-34033 1 Malinky 1 Malinky-ajax-pagination 2024-11-21 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in Malinky Ajax Pagination and Infinite Scroll plugin <= 2.0.1 versions.