Skip to main content
CVE-2024-37503 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Lawyer Landing Page allows Cross Site Request Forgery.2.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-56236 MEDIUM This Month

Missing Authorization vulnerability in Jakob Bouchard Hestia Nginx Cache allows Exploiting Incorrectly Configured Access Control Security Levels.4.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Nginx
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37508 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Construction Landing Page allows Cross Site Request Forgery.3.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-47807 MEDIUM This Month

Missing Authorization vulnerability in 10Web 10WebAnalytics allows Exploiting Incorrectly Configured Access Control Security Levels.2.12. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-47778 MEDIUM This Month

Missing Authorization vulnerability in LuckyWP LuckyWP Scripts Control allows Exploiting Incorrectly Configured Access Control Security Levels.2.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2022-41995 MEDIUM This Month

Missing Authorization vulnerability in Galleryape Gallery Images Ape allows Exploiting Incorrectly Configured Access Control Security Levels.2.8. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-56255 MEDIUM This Month

Missing Authorization vulnerability in AyeCode AyeCode Connect allows Exploiting Incorrectly Configured Access Control Security Levels.3.8. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37451 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Travel Agency allows Cross Site Request Forgery.4.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37450 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Benevolent allows Cross Site Request Forgery.3.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37435 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Perfect Portfolio allows Cross Site Request Forgery.2.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37093 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes MasterStudy LMS allows Cross Site Request Forgery.2.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-46080 MEDIUM This Month

Missing Authorization vulnerability in Farhan Noor ApplyOnline - Application Form Builder and Manager allows Exploiting Incorrectly Configured Access Control Security Levels.5.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37518 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in The Events Calendar The Events Calendar allows Cross Site Request Forgery.5.1.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37511 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in SWTE Swift Performance Lite allows Cross Site Request Forgery.3.6.20. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37493 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in SKT Themes Posterity allows Cross Site Request Forgery.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37490 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in WP Royal Bard allows Cross Site Request Forgery.210. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-38766 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Matomo Matomo Analytics allows Cross Site Request Forgery.1.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-38765 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Freelancelot Oceanic allows Cross Site Request Forgery.0.48. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-38763 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Themes4WP Popularis Verse allows Cross Site Request Forgery.1.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-38762 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in The Events Calendar Event Tickets allows Cross Site Request Forgery.11.0.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-38754 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Tagbox Taggbox allows Cross Site Request Forgery.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-38753 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Labib Ahmed Animated Rotating Words allows Cross Site Request Forgery.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-38751 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Magazine3 Google Adsense & Banner Ads by AdsforWP allows Cross Site Request Forgery.9.28. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-38691 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Metorik Metorik - Reports & Email Automation for WooCommerce allows Cross Site Request Forgery.7.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF WordPress
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37543 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Nitesh Singh Ultimate Auction allows Cross Site Request Forgery.2.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37540 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Leaky Paywall Leaky Paywall allows Cross Site Request Forgery.21.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37473 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in BlazeThemes Trendy News allows Cross Site Request Forgery.0.15. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37458 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in ExtendThemes Highlight allows Cross Site Request Forgery.0.29. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37448 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in FameThemes OnePress allows Cross Site Request Forgery.3.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37441 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in DesertThemes NewsMash allows Cross Site Request Forgery.0.34. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37431 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Horea Radu Mesmerize allows Cross Site Request Forgery.6.120. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37426 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Elegant Pink allows Cross Site Request Forgery.3.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37421 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme JobScout allows Cross Site Request Forgery.1.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37413 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Preschool and Kindergarten allows Cross Site Request Forgery.2.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37274 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Freshlight Lab WP Mobile Menu allows Cross Site Request Forgery.8.4.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37272 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in WP Travel Engine Travel Monster allows Cross Site Request Forgery.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37243 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Blossom Themes Vandana Lite allows Cross Site Request Forgery.1.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37242 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Automattic Newspack Newsletters allows Cross Site Request Forgery.13.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37240 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Faboba Falang multilanguage allows Cross Site Request Forgery.3.51. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37236 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Tim Whitlock Loco Translate allows Cross Site Request Forgery.6.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37235 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Groundhogg Inc. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37104 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Chic Lite allows Cross Site Request Forgery.1.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37103 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Education Zone allows Cross Site Request Forgery.3.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37412 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Blossom Themes Blossom Shop allows Cross Site Request Forgery.1.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-47523 MEDIUM This Month

Missing Authorization vulnerability in Ecreate Infotech Auto Tag Creator allows Exploiting Incorrectly Configured Access Control Security Levels.0.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-46203 MEDIUM This Month

Missing Authorization vulnerability in JustCoded / Alex Prokopenko Just Custom Fields allows Exploiting Incorrectly Configured Access Control Security Levels.3.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-45765 MEDIUM This Month

Missing Authorization vulnerability in weDevs WP ERP allows Exploiting Incorrectly Configured Access Control Security Levels.12.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-45002 MEDIUM This Month

Missing Authorization vulnerability in weDevs WP User Frontend allows Exploiting Incorrectly Configured Access Control Security Levels.6.8. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-44988 MEDIUM This Month

Missing Authorization vulnerability in Martin Gibson WP Custom Admin Interface allows Exploiting Incorrectly Configured Access Control Security Levels.32. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-37417 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Coachify Coachify allows Cross Site Request Forgery.0.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
Prev Page 3 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy