Skip to main content
CVE-2023-47787 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Bookings.0.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Woocommerce Bookings
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-50372 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Hiroaki Miyashita Custom Post Type Page Template.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Custom Post Type Page Template
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-49844 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Kevin Ohashi WPPerformanceTester.0.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Wpperformancetester
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-49840 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Palscode Multi Currency For WooCommerce.5.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Multi Currency For Woocommerce
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-23584 MEDIUM This Month

An observable response discrepancy in the Gallagher Command Centre RESTAPI allows an insufficiently-privileged user to infer the presence of items that would not otherwise be viewable. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Command Centre
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2023-23576 MEDIUM This Month

Incorrect behavior order in the Command Centre Server could allow privileged users to gain physical access to the site for longer than intended after a network outage when competencies are used in. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Command Centre
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2023-22439 MEDIUM This Month

Improper input validation of a large HTTP request in the Controller 6000 and Controller 7000 optional diagnostic web interface (Port 80) can be used to perform a Denial of Service of the diagnostic. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Controller 6000 Firmware Command Centre
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2023-5056 MEDIUM This Month

A flaw was found in the Skupper operator, which may permit a certain configuration to create a service account that would allow an authenticated attacker in the adjacent cluster to view deployments. Rated medium severity (CVSS 4.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Service Interconnect
NVD
CVSS 3.1
4.1
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy