CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2023-52136 Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Custom Twitter Feeds β A Tweets Widget or X Feed Widget.This issue affects Custom Twitter Feeds β A Tweets Widget or X Feed Widget: fro... | 4.3 | MEDIUM | β | 0 |
| CVE-2023-52145 Cross-Site Request Forgery (CSRF) vulnerability in Marios Alexandrou Republish Old Posts.This issue affects Republish Old Posts: from n/a through 1.21. | 4.3 | MEDIUM | β | 0 |
| CVE-2023-52149 Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Floating Button.This issue affects Floating Button: from n/a through 6.0. | 5.4 | MEDIUM | β | 0 |
| CVE-2023-51535 Cross-Site Request Forgery (CSRF) vulnerability in Π‘leanTalk - Anti-Spam Protection Spam protection, Anti-Spam, FireWall by CleanTalk.This issue affects Spam protection, Anti-Spam, FireWall by CleanTa... | 4.3 | MEDIUM | β | 0 |
| CVE-2023-51538 Cross-Site Request Forgery (CSRF) vulnerability in Awesome Support Team Awesome Support β WordPress HelpDesk & Support Plugin.This issue affects Awesome Support β WordPress HelpDesk & Support Plugin: ... | 4.3 | MEDIUM | β | 0 |
| CVE-2023-51539 Cross-Site Request Forgery (CSRF) vulnerability in Apollo13Themes Apollo13 Framework Extensions.This issue affects Apollo13 Framework Extensions: from n/a through 1.9.1. | 5.4 | MEDIUM | β | 0 |
| CVE-2023-51668 Cross-Site Request Forgery (CSRF) vulnerability in WP Zone Inline Image Upload for BBPress.This issue affects Inline Image Upload for BBPress: from n/a through 1.1.18. | 4.3 | MEDIUM | β | 0 |
| CVE-2023-51673 Cross-Site Request Forgery (CSRF) vulnerability in Designful Stylish Price List β Price Table Builder & QR Code Restaurant Menu.This issue affects Stylish Price List β Price Table Builder & QR Code Re... | 5.4 | MEDIUM | β | 0 |
| CVE-2023-51678 Cross-Site Request Forgery (CSRF) vulnerability in Doofinder Doofinder WP & WooCommerce Search.This issue affects Doofinder WP & WooCommerce Search: from n/a through 2.0.33. | 4.3 | MEDIUM | β | 0 |
| CVE-2023-52119 Cross-Site Request Forgery (CSRF) vulnerability in Icegram Icegram Engage β WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building.This issue affects Icegram Engage β WordPress ... | 4.3 | MEDIUM | β | 0 |
| CVE-2023-52120 Cross-Site Request Forgery (CSRF) vulnerability in Basix NEX-Forms β Ultimate Form Builder β Contact forms and much more.This issue affects NEX-Forms β Ultimate Form Builder β Contact forms and much m... | 5.4 | MEDIUM | β | 0 |
| CVE-2023-52121 Cross-Site Request Forgery (CSRF) vulnerability in NitroPack Inc. NitroPack β Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images.This issue affects NitroPack β Ca... | 5.4 | MEDIUM | β | 0 |
| CVE-2023-52122 Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple Job Board.This issue affects Simple Job Board: from n/a through 2.10.6. | 4.3 | MEDIUM | β | 0 |
| CVE-2022-46839 Unrestricted Upload of File with Dangerous Type vulnerability in JS Help Desk JS Help Desk β Best Help Desk & Support Plugin.This issue affects JS Help Desk β Best Help Desk & Support Plugin: from n/a... | 10.0 | CRITICAL | β | 0 |
| CVE-2023-52143 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Naa986 WP Stripe Checkout.This issue affects WP Stripe Checkout: from n/a through 1.2.2.37. | 7.5 | HIGH | β | 0 |
| CVE-2023-52146 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.33.0. | 5.3 | MEDIUM | β | 0 |
| CVE-2023-52148 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in wp.Insider, wpaffiliatemgr Affiliates Manager.This issue affects Affiliates Manager: from n/a through 2.9.30. | 5.3 | MEDIUM | β | 0 |
| CVE-2023-52151 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Uncanny Automator, Uncanny Owl Uncanny Automator β Automate everything with the #1 no-code automation and integration plugin... | 5.3 | MEDIUM | β | 0 |
| CVE-2023-52124 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShapedPlugin LLC WP Tabs β Responsive Tabs Plugin for WordPress allows Stored XSS.This issue affec... | 6.5 | MEDIUM | β | 0 |
| CVE-2023-52125 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webvitaly iframe allows Stored XSS.This issue affects iframe: from n/a through 4.8. | 6.5 | MEDIUM | β | 0 |
| CVE-2023-52126 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Suman Bhattarai Send Users Email.This issue affects Send Users Email: from n/a through 1.4.3. | 5.3 | MEDIUM | β | 0 |
| CVE-2024-21744 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mapster Technology Inc. Mapster WP Maps allows Stored XSS.This issue affects Mapster WP Maps: from... | 6.5 | MEDIUM | β | 0 |
| CVE-2024-21745 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Laybuy Laybuy Payment Extension for WooCommerce allows Stored XSS.This issue affects Laybuy Paymen... | 6.5 | MEDIUM | β | 0 |
| CVE-2024-21747 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accountin... | 7.6 | HIGH | β | 0 |
| CVE-2023-52215 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in UkrSolution Simple Inventory Management β just scan barcode to manage products and orders. For Woo... | 9.3 | CRITICAL | β | 0 |
| CVE-2023-52218 Deserialization of Untrusted Data vulnerability in Anton Bond Woocommerce Tranzila Payment Gateway.This issue affects Woocommerce Tranzila Payment Gateway: from n/a through 1.0.8. | 10.0 | CRITICAL | β | 0 |
| CVE-2023-52219 Deserialization of Untrusted Data vulnerability in Gecka Gecka Terms Thumbnails.This issue affects Gecka Terms Thumbnails: from n/a through 1.1. | 9.9 | CRITICAL | β | 0 |
| CVE-2023-52225 Deserialization of Untrusted Data vulnerability in Tagbox Tagbox β UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox β UGC Galleries, Social Media Widgets, User R... | 10.0 | CRITICAL | β | 0 |
| CVE-2023-52190 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Swings Coupon Referral Program.This issue affects Coupon Referral Program: from n/a through 1.7.2. | 7.5 | HIGH | β | 0 |
| CVE-2023-52208 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Constant Contact Constant Contact Forms.This issue affects Constant Contact Forms: from n/a through 2.4.2. | 5.3 | MEDIUM | β | 0 |
| CVE-2023-52222 Cross-Site Request Forgery (CSRF) vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 8.2.2. | 4.3 | MEDIUM | β | 0 |
| CVE-2023-52200 Cross-Site Request Forgery (CSRF), Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember β Membership Plugin, Content Restriction, Member Levels, User Profile & User signup.Th... | 9.6 | CRITICAL | β | 0 |
| CVE-2023-52203 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Oliver Seidel, Bastian Germann cformsII allows Stored XSS.This issue affects cformsII: from n/a th... | 5.9 | MEDIUM | β | 0 |
| CVE-2023-52204 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Javik Randomize.This issue affects Randomize: from n/a through 1.4.3. | 8.5 | HIGH | β | 0 |
| CVE-2023-52205 Deserialization of Untrusted Data vulnerability in SVNLabs Softwares HTML5 SoundCloud Player with Playlist Free.This issue affects HTML5 SoundCloud Player with Playlist Free: from n/a through 2.8.0. | 9.1 | CRITICAL | β | 0 |
| CVE-2023-52206 Deserialization of Untrusted Data vulnerability in Live Composer Team Page Builder: Live Composer live-composer-page-builder.This issue affects Page Builder: Live Composer: from n/a through 1.5.25. | 7.7 | HIGH | β | 0 |
| CVE-2023-52213 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VideoWhisper Rate Star Review β AJAX Reviews for Content, with Star Ratings allows Reflected XSS.T... | 7.1 | HIGH | β | 0 |
| CVE-2023-52216 Cross-Site Request Forgery (CSRF) vulnerability in Yevhen Kotelnytskyi JS & CSS Script Optimizer.This issue affects JS & CSS Script Optimizer: from n/a through 0.3.3. | 4.3 | MEDIUM | β | 0 |
| CVE-2022-45354 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.7.60. | 5.3 | MEDIUM | β | 0 |
| CVE-2023-51406 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team FastDup β Fastest WordPress Migration & Duplicator.This issue affects FastDup β Fastest WordPress Migration & Dup... | 5.3 | MEDIUM | β | 0 |
| CVE-2023-51408 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StudioWombat WP Optin Wheel β Gamified Optin Email Marketing Tool for WordPress and WooCommerce.This issue affects WP Optin ... | 5.3 | MEDIUM | β | 0 |
| CVE-2023-51490 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPMU DEV Defender Security β Malware Scanner, Login Security & Firewall.This issue affects Defender Security β Malware Scann... | 5.3 | MEDIUM | β | 0 |
| CVE-2023-51508 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jordy Meow Database Cleaner: Clean, Optimize & Repair.This issue affects Database Cleaner: Clean, Optimize & Repair: from n/... | 5.3 | MEDIUM | β | 0 |
| CVE-2023-52142 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cool Plugins Events Shortcodes For The Events Calendar.This issue affects Events Shortcodes For Th... | 7.6 | HIGH | β | 0 |
| CVE-2023-52196 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Phil Ewels CPT Bootstrap Carousel allows Reflected XSS.This issue affects CPT Bootstrap Carousel: ... | 7.1 | HIGH | β | 0 |
| CVE-2023-52197 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Impactpixel Ads Invalid Click Protection allows Stored XSS.This issue affects Ads Invalid Click Pr... | 5.9 | MEDIUM | β | 0 |
| CVE-2023-52198 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michiel van Eerd Private Google Calendars allows Stored XSS.This issue affects Private Google Cale... | 6.5 | MEDIUM | β | 0 |
| CVE-2023-52201 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brian D. Goad pTypeConverter.This issue affects pTypeConverter: from n/a through 0.2.8.1. | 7.6 | HIGH | β | 0 |
| CVE-2023-52202 Deserialization of Untrusted Data vulnerability in SVNLabs Softwares HTML5 MP3 Player with Folder Feedburner Playlist Free.This issue affects HTML5 MP3 Player with Folder Feedburner Playlist Free: fro... | 9.1 | CRITICAL | β | 0 |
| CVE-2022-34344 Missing Authorization vulnerability in Rymera Web Co Wholesale Suite β WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing & More.This issue affects Whol... | 5.4 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.