Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-27438 | 1 Yur4enko | 1 Wp Translitera | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Evgen Yurchenko WP Translitera plugin <= p1.2.5 versions. | |||||
| CVE-2020-7331 | 1 Mcafee | 1 Endpoint Security | 2023-11-15 | 4.6 MEDIUM | 7.8 HIGH |
| Unquoted service executable path in McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files. | |||||
| CVE-2023-27436 | 1 Breakdance | 1 Elegant Custom Fonts | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Louis Reingold Elegant Custom Fonts plugin <= 1.0 versions. | |||||
| CVE-2023-28498 | 1 Motopress | 1 Hotel Booking Lite | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in MotoPress Hotel Booking Lite plugin <= 4.6.0 versions. | |||||
| CVE-2023-28497 | 1 Tribulant | 1 Slideshow Gallery | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow Gallery LITE plugin <= 1.7.6 versions. | |||||
| CVE-2023-28495 | 1 Mythemeshop | 1 Wp Shortcode | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in MyThemeShop WP Shortcode by MyThemeShop plugin <= 1.4.16 versions. | |||||
| CVE-2021-31849 | 1 Mcafee | 1 Data Loss Prevention Endpoint | 2023-11-15 | 6.5 MEDIUM | 7.2 HIGH |
| SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker logged into ePO as an administrator to inject arbitrary SQL into the ePO database through the user management section of the DLP ePO extension. | |||||
| CVE-2021-31844 | 2 Mcafee, Microsoft | 2 Data Loss Prevention Endpoint, Windows | 2023-11-15 | 4.6 MEDIUM | 7.3 HIGH |
| A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a local attacker to execute arbitrary code with elevated privileges through placing carefully constructed Ami Pro (.sam) files onto the local system and triggering a DLP Endpoint scan through accessing a file. This is caused by the destination buffer being of fixed size and incorrect checks being made on the source size. | |||||
| CVE-2023-34031 | 1 Casier | 1 Bbpress Toolkit | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Pascal Casier bbPress Toolkit plugin <= 1.0.12 versions. | |||||
| CVE-2023-29426 | 1 Spreadshop | 1 Spreadshop | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Robert Schulz (sprd.Net AG) Spreadshop plugin <= 1.6.5 versions. | |||||
| CVE-2023-32579 | 1 Designsandcode | 1 Forget About Shortcode Buttons | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Designs & Code Forget About Shortcode Buttons plugin <= 2.1.2 versions. | |||||
| CVE-2023-32512 | 1 Shortpixel | 1 Shortpixel Adaptive Images | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin <= 3.7.1 versions. | |||||
| CVE-2023-29428 | 1 Superbthemes | 1 Superb Social Media Share Buttons And Follow Buttons | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in SuPlugins Superb Social Media Share Buttons and Follow Buttons for WordPress plugin <= 1.1.3 versions. | |||||
| CVE-2021-31841 | 1 Mcafee | 1 Mcafee Agent | 2023-11-15 | 6.9 MEDIUM | 7.3 HIGH |
| A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5.7.4 could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location. This would result in the user gaining elevated permissions and the ability to execute arbitrary code as the system user, through not checking the DLL signature. | |||||
| CVE-2023-29440 | 1 Presstigers | 1 Simple Job Board | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple Job Board plugin <= 2.10.3 versions. | |||||
| CVE-2023-30478 | 1 Tribulant | 1 Newsletters | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Newsletters plugin <= 4.8.8 versions. | |||||
| CVE-2023-36667 | 1 Couchbase | 1 Couchbase Server | 2023-11-15 | N/A | 7.5 HIGH |
| Couchbase Server 7.1.4 before 7.1.5 and 7.2.0 before 7.2.1 allows Directory Traversal. | |||||
| CVE-2021-31837 | 1 Mcafee | 1 Getsusp | 2023-11-15 | 6.1 MEDIUM | 7.8 HIGH |
| Memory corruption vulnerability in the driver file component in McAfee GetSusp prior to 4.0.0 could allow a program being investigated on the local machine to trigger a buffer overflow in GetSusp, leading to the execution of arbitrary code, potentially triggering a BSOD. | |||||
| CVE-2023-31078 | 1 Browserupdate | 1 Wp Browserupdate | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Marco Steinbrecher WP BrowserUpdate plugin <= 4.4.1 versions. | |||||
| CVE-2021-31836 | 1 Mcafee | 1 Mcafee Agent | 2023-11-15 | 3.6 LOW | 7.1 HIGH |
| Improper privilege management vulnerability in maconfig for McAfee Agent for Windows prior to 5.7.4 allows a local user to gain access to sensitive information. The utility was able to be run from any location on the file system and by a low privileged user. | |||||
| CVE-2023-32739 | 1 Hamidrezasepehr | 1 Custom Cursors | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Web_Trendy WP Custom Cursors | WordPress Cursor Plugin plugin < 3.2 versions. | |||||
| CVE-2023-32744 | 1 Woocommerce | 1 Product Recommendations | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Recommendations plugin <= 2.3.0 versions. | |||||
| CVE-2023-34025 | 1 Lws | 1 Lws Hide Login | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Hide Login plugin <= 2.1.6 versions. | |||||
| CVE-2023-34024 | 1 Guillemantdavid | 1 Full Auto Tags Manager | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Guillemant David WP Full Auto Tags Manager plugin <= 2.2 versions. | |||||
| CVE-2023-32794 | 1 Woocommerce | 1 Product Addons | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Add-Ons plugin <= 6.1.3 versions. | |||||
| CVE-2023-32745 | 1 Woocommerce | 1 Automatewoo | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce AutomateWoo plugin <= 5.7.1 versions. | |||||
| CVE-2023-32602 | 1 Lokalyze | 1 Call Me Now | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in LOKALYZE CALL ME NOW plugin <= 3.0 versions. | |||||
| CVE-2023-36527 | 1 Bestwebsoft | 1 Post To Csv | 2023-11-15 | N/A | 8.8 HIGH |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in BestWebSoft Post to CSV by BestWebSoft.This issue affects Post to CSV by BestWebSoft: from n/a through 1.4.0. | |||||
| CVE-2023-25983 | 1 Liquidweb | 1 Kb Support | 2023-11-15 | N/A | 8.8 HIGH |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in WPOmnia KB Support.This issue affects KB Support: from n/a through 1.5.84. | |||||
| CVE-2021-23894 | 1 Mcafee | 1 Database Security | 2023-11-15 | 10.0 HIGH | 8.8 HIGH |
| Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote unauthenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the DBSec server. | |||||
| CVE-2023-23678 | 1 Wpeka | 1 Wp Cookie Consent | 2023-11-15 | N/A | 7.2 HIGH |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in WPEkaClub WP Cookie Consent ( for GDPR, CCPA & ePrivacy ).This issue affects WP Cookie Consent ( for GDPR, CCPA & ePrivacy ): from n/a through 2.2.5. | |||||
| CVE-2023-36024 | 1 Microsoft | 1 Edge Chromium | 2023-11-15 | N/A | 7.1 HIGH |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2023-31093 | 1 Chronosly-events-calendar Project | 1 Chronosly-events-calendar | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Chronosly Chronosly Events Calendar plugin <= 2.6.2 versions. | |||||
| CVE-2023-31088 | 1 Floating Action Button Project | 1 Floating Action Button | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Faraz Quazi Floating Action Button plugin <= 1.2.1 versions. | |||||
| CVE-2023-31086 | 1 Ibenic | 1 Simple Giveaways | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Igor Benic Simple Giveaways – Grow your business, email lists and traffic with contests plugin <= 2.46.0 versions. | |||||
| CVE-2023-32592 | 1 Fast-search-powered-by-solr Project | 1 Fast-search-powered-by-solr | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Palasthotel by Edward Bock, Katharina Rompf Sunny Search plugin <= 1.0.2 versions. | |||||
| CVE-2023-32587 | 1 Wpreactions | 1 Wp Reactions Lite | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in WP Reactions, LLC WP Reactions Lite plugin <= 1.3.8 versions. | |||||
| CVE-2023-32501 | 1 Vikwp | 1 Vikbooking Hotel Booking Engine \& Pms | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin <= 1.6.1 versions. | |||||
| CVE-2023-32500 | 1 Xtemos | 1 Woodmart | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in xtemos WoodMart - Multipurpose WooCommerce Theme <= 7.1.1 versions. | |||||
| CVE-2023-32125 | 1 Danielpowney | 1 Multi Rating | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Daniel Powney Multi Rating plugin <= 5.0.6 versions. | |||||
| CVE-2023-32093 | 1 Tpginc | 1 Tpg Redirect | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Criss Swaim TPG Redirect plugin <= 1.0.7 versions. | |||||
| CVE-2023-32092 | 1 Peepso | 1 Peepso | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin <= 6.0.9.0 versions. | |||||
| CVE-2023-31235 | 1 Xnau | 1 Participants Database | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Roland Barker, xnau webdesign Participants Database plugin <= 2.4.9 versions. | |||||
| CVE-2023-36014 | 1 Microsoft | 1 Edge Chromium | 2023-11-15 | N/A | 7.3 HIGH |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||
| CVE-2023-32502 | 1 Cyberwire | 1 Pro Mime Types | 2023-11-15 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Sybre Waaijer Pro Mime Types – Manage file media types plugin <= 1.0.7 versions. | |||||
| CVE-2022-44738 | 1 Patrickrobrecht | 1 Posts And Users Stats | 2023-11-15 | N/A | 8.8 HIGH |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Patrick Robrecht Posts and Users Stats.This issue affects Posts and Users Stats: from n/a through 1.1.3. | |||||
| CVE-2022-41616 | 1 Kaushikkalathiya | 1 Export Users Data | 2023-11-15 | N/A | 8.8 HIGH |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Kaushik Kalathiya Export Users Data CSV.This issue affects Export Users Data CSV: from n/a through 2.1. | |||||
| CVE-2022-38702 | 1 Kigurumi | 1 Csv Exporter | 2023-11-15 | N/A | 8.8 HIGH |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Nakashima Masahiro WP CSV Exporter.This issue affects WP CSV Exporter: from n/a through 2.0. | |||||
| CVE-2023-46757 | 1 Huawei | 1 Harmonyos | 2023-11-15 | N/A | 7.5 HIGH |
| The remote PIN module has a vulnerability that causes incorrect information storage locations.Successful exploitation of this vulnerability may affect confidentiality. | |||||
| CVE-2023-46758 | 1 Huawei | 2 Emui, Harmonyos | 2023-11-15 | N/A | 7.5 HIGH |
| Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the device. | |||||