Skip to main content
CVE-2023-52144 MEDIUM This Month

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RexTheme Product Feed Manager.3.15. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-31373 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in E2Pdf e2pdf e2pdf.20.27. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD VulDB
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-31425 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in TMS Amelia.0.95. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-31378 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in MailMunch MailChimp Forms by MailMunch.2.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Mailchimp Forms
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-31389 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Ertano MihanPanel.7. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-31933 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Live Composer Team Page Builder: Live Composer.5.35. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-31434 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Stefano Lissa & The Newsletter Team Newsletter.0.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-32103 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Siteimprove.0.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-32097 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Eyal Fitoussi GEO my WordPress.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-32096 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in DAEV.Tech WP Migration Plugin DB & Files - WP Synchro.11.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-32452 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in WP EasyCart.5.19. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-32449 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in MagniGenie RestroPress.1.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-32446 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in WP Swings Wallet System for WooCommerce.5.9. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-32445 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition.05.8. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD VulDB
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-32093 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Nose Graze Novelist.2.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-32092 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Michael Bester Kimili Flash Embed.5.3. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-31941 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in CodePeople CP Media Player.1.3. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-32085 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in AitThemes Citadela Listing.20.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Citadela Listing
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2024-31432 MEDIUM This Month

Missing Authorization vulnerability in StellarWP Restrict Content.2.8. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2024-28957 MEDIUM This Month

Generation of predictable identifiers issue exists in Cente middleware TCP/IP Network Series. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cente Ipv6 Cente Ipv6 Snmpv2 Cente Ipv6 Snmpv3 Cente Tcp Ipv4 +2
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2024-28894 MEDIUM This Month

Out-of-bounds read vulnerability caused by improper checking of the option length values in IPv6 headers exists in Cente middleware TCP/IP Network Series, which may allow an unauthenticated attacker. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Cente Ipv6 Cente Ipv6 Snmpv2 Cente Ipv6 Snmpv3
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2024-3774 MEDIUM This Month

aEnrich Technology a+HRD's functionality for front-end retrieval of system configuration values lacks proper restrictions on a specific parameter, allowing attackers to modify this parameter to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass A Hrd
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2024-23560 MEDIUM This Month

HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hcl Devops Deploy Hcl Launch
NVD
CVSS 3.1
4.9
EPSS
0.3%
CVE-2024-32129 MEDIUM This Month

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Freshworks Freshdesk (official).3.6. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect
NVD
CVSS 3.1
4.7
EPSS
0.3%
CVE-2024-32431 MEDIUM This Month

Deserialization of Untrusted Data vulnerability in WP All Import Import Users from CSV.2. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Deserialization Wp All Import
NVD
CVSS 3.1
4.4
EPSS
0.4%
CVE-2024-32430 MEDIUM This Month

Server-Side Request Forgery (SSRF) vulnerability in ActiveCampaign.1.14. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

SSRF Activecampaign
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2024-32454 MEDIUM This Month

Server-Side Request Forgery (SSRF) vulnerability in Wappointment Appointment Bookings for Zoom GoogleMeet and more - Wappointment.6.0. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

SSRF
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2024-31374 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Scott Bolinger AppPresser apppresser allows Cross Site Request Forgery.3.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31388 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Pauple Table & Contact Form 7 Database - Tablesome.0.25. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31923 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in PluginOps Feather Login Page.1.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31421 MEDIUM This Month

Missing Authorization vulnerability in supsystic Popup by Supsystic popup-by-supsystic.10.27. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31382 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in creativethemeshq Blocksy blocksy.0.22. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31942 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in typps Calendarista Basic Edition calendarista-basic-edition.0.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31381 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in RebelCode Spotlight Social Media Feeds.6.10. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31376 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Andrew Dashboard To-Do List dashboard-to-do-list.3.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31921 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Etoile Web Design Ultimate Product Catalogue.2.15. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31433 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in StellarWP The Events Calendar the-events-calendar.3.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31422 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Philippe Bernard Favicon.3.29. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31429 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Blossom Themes Sarada Lite.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Sarada
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-32443 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in IP2Location Download IP2Location Country Blocker.34.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Country Blocker
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31385 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Reservation Diary ReDi Restaurant Reservation.0128. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31384 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Spa and Salon.2.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Spa And Salon
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31383 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Pagelayer PopularFX.2.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31379 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Smash Balloon Social Post Feed.2.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-30546 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Pixelite Login With Ajax.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31940 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in RedNao Extra Product Options Builder for WooCommerce.2.104. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31938 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Themeinwp NewsXpress.0.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31922 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Anton Aleksandrov WordPress Hosting Benchmark tool.3.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31920 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Tyche Softwares Currency per Product for WooCommerce.6.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31431 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Tyche Softwares Product Input Fields for WooCommerce.7.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy