Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (9246 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2019-15841 1 Facebook 1 Facebook For Woocommerce 2024-11-21 N/A
The facebook-for-woocommerce plugin before 1.9.15 for WordPress has CSRF via ajax_woo_infobanner_post_click, ajax_woo_infobanner_post_xout, or ajax_fb_toggle_visibility.
CVE-2019-15840 1 Facebook 1 Facebook For Woocommerce 2024-11-21 N/A
The facebook-for-woocommerce plugin before 1.9.14 for WordPress has CSRF.
CVE-2019-15835 1 Wp Better Permalinks Project 1 Wp Better Permalinks 2024-11-21 N/A
The wp-better-permalinks plugin before 3.0.5 for WordPress has CSRF.
CVE-2019-15834 1 Webp Converter For Media Project 1 Webp Converter For Media 2024-11-21 N/A
The webp-converter-for-media plugin before 1.0.3 for WordPress has CSRF.
CVE-2019-15832 1 Wp-buy 1 Visitor Traffic Real Time Statistics 2024-11-21 N/A
The visitors-traffic-real-time-statistics plugin before 1.13 for WordPress has CSRF.
CVE-2019-15831 1 Wp-buy 1 Visitor Traffic Real Time Statistics 2024-11-21 N/A
The visitors-traffic-real-time-statistics plugin before 1.12 for WordPress has CSRF in the settings page.
CVE-2019-15828 1 Tribulant 1 One Click Ssl 2024-11-21 N/A
The one-click-ssl plugin before 1.4.7 for WordPress has CSRF.
CVE-2019-15781 1 Weblizar 1 Social Likebox \& Feed 2024-11-21 N/A
The facebook-by-weblizar plugin before 2.8.5 for WordPress has CSRF.
CVE-2019-15779 1 Quadlayers 1 Wp Social Feed Gallery 2024-11-21 N/A
The insta-gallery plugin before 2.4.8 for WordPress has no nonce validation for qligg_dismiss_notice or qligg_form_item_delete.
CVE-2019-15770 1 Hallme 1 Woocommerce Address Book 2024-11-21 N/A
The woo-address-book plugin before 1.6.0 for WordPress has save calls without nonce verification checks.
CVE-2019-15769 1 Haktansuren 1 Handl Utm Grabber 2024-11-21 N/A
The handl-utm-grabber plugin before 2.6.5 for WordPress has CSRF via add_option and update_option.
CVE-2019-15660 1 Butlerblog 1 Wp-members 2024-11-21 N/A
The wp-members plugin before 3.2.8 for WordPress has CSRF.
CVE-2019-15648 1 Elearningfreak 1 Insert Or Embed Articulate Content 2024-11-21 N/A
The insert-or-embed-articulate-content-into-wordpress plugin before 4.29991 for WordPress has insufficient restrictions on deleting or renaming by a Subscriber.
CVE-2019-15645 1 Zoho 1 Salesiq 2024-11-21 N/A
The zoho-salesiq plugin before 1.0.9 for WordPress has CSRF.
CVE-2019-15515 1 Discourse 1 Discourse 2024-11-21 N/A
Discourse 2.3.2 sends the CSRF token in the query string.
CVE-2019-15496 1 Manageyourteam 1 Myt Project Management 2024-11-21 N/A
MyT Project Management 1.5.1 lacks CSRF protection and, for example, allows a user/create CSRF attack. This could lead to an attacker tricking the administrator into executing arbitrary code via a specially crafted HTML page.
CVE-2019-15491 1 It-novum 1 Openitcockpit 2024-11-21 N/A
openITCOCKPIT before 3.7.1 has CSRF, aka RVID 2-445b21.
CVE-2019-15329 1 Codection 1 Import Users From Csv With Meta 2024-11-21 N/A
The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF.
CVE-2019-15238 1 Cformsii Project 1 Cformsii 2024-11-21 N/A
The cforms2 plugin before 15.0.2 for WordPress has CSRF related to the IP address field.
CVE-2019-15229 1 Thedaylightstudio 1 Fuel Cms 2024-11-21 N/A
FUEL CMS 1.4.4 has CSRF in the blocks/create/ Create Blocks section of the Admin console. This could lead to an attacker tricking the administrator into executing arbitrary code via a specially crafted HTML page.