Total
8012 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-10938 | 1 Copy-me Project | 1 Copy-me | 2024-11-21 | 6.5 Medium |
| The copy-me plugin 1.0.0 for WordPress has CSRF for copying non-public posts to a public location. | ||||
| CVE-2016-10918 | 1 Supsystic | 1 Photo Gallery | 2024-11-21 | N/A |
| The gallery-by-supsystic plugin before 1.8.6 for WordPress has CSRF. | ||||
| CVE-2016-10915 | 1 Supsystic | 1 Popup | 2024-11-21 | N/A |
| The popup-by-supsystic plugin before 1.7.9 for WordPress has CSRF. | ||||
| CVE-2016-10914 | 1 Add From Server Project | 1 Add From Server | 2024-11-21 | N/A |
| The add-from-server plugin before 3.3.2 for WordPress has CSRF for importing a large file. | ||||
| CVE-2016-10903 | 1 Godaddy | 1 Godaddy Email Marketing | 2024-11-21 | N/A |
| The GoDaddy godaddy-email-marketing-sign-up-forms plugin before 1.1.3 for WordPress has CSRF. | ||||
| CVE-2016-10902 | 1 Gowebsolutions | 1 Wp Customer Reviews | 2024-11-21 | N/A |
| The wp-customer-reviews plugin before 3.0.9 for WordPress has CSRF in the admin tools. | ||||
| CVE-2016-10885 | 1 Benjaminrojas | 1 Wp Editor | 2024-11-21 | N/A |
| The wp-editor plugin before 1.2.6 for WordPress has CSRF. | ||||
| CVE-2016-10884 | 1 Simple-membership-plugin | 1 Simple Membership | 2024-11-21 | 8.8 High |
| The simple-membership plugin before 3.3.3 for WordPress has multiple CSRF issues. | ||||
| CVE-2016-10883 | 1 Mijnpress | 1 Simple Add Pages Or Posts | 2024-11-21 | N/A |
| The simple-add-pages-or-posts plugin before 1.7 for WordPress has CSRF for deleting users. | ||||
| CVE-2016-10882 | 1 Google Doc Embedder Project | 1 Google Doc Embedder | 2024-11-21 | N/A |
| The google-document-embedder plugin before 2.6.2 for WordPress has CSRF. | ||||
| CVE-2016-10876 | 1 Wpseeds | 1 Wp Database Backup | 2024-11-21 | N/A |
| The wp-database-backup plugin before 4.3.1 for WordPress has CSRF. | ||||
| CVE-2016-10874 | 1 Wpseeds | 1 Wp Database Backup | 2024-11-21 | 8.8 High |
| The wp-database-backup plugin before 4.3.3 for WordPress has CSRF. | ||||
| CVE-2016-10865 | 1 23systems | 1 Lightbox Plus Colorbox | 2024-11-21 | N/A |
| The Lightbox Plus Colorbox plugin through 2.7.2 for WordPress has cross-site request forgery (CSRF) via wp-admin/admin.php?page=lightboxplus, as demonstrated by resultant width XSS. | ||||
| CVE-2016-10863 | 1 Edimax | 4 7237rpd, 7237rpd Firmware, Ew-7438rpn Mini and 1 more | 2024-11-21 | N/A |
| Edimax Wi-Fi Extender devices allow goform/formwlencryptvxd CSRF with resultant PSK key disclosure. | ||||
| CVE-2016-10862 | 1 Neetcables | 2 Airstream Nas, Airstream Nas Firmware | 2024-11-21 | N/A |
| Neet AirStream NAS1.1 devices have a password of ifconfig for the root account. This cannot be changed via the configuration page. | ||||
| CVE-2016-10861 | 1 Neetcables | 2 Airstream, Airstream Nas Firmware | 2024-11-21 | N/A |
| Neet AirStream NAS1.1 devices allow CSRF attacks that cause the settings binary to change the AP name and password. | ||||
| CVE-2016-10766 | 1 Edx | 1 Edx-platform | 2024-11-21 | 8.8 High |
| edx-platform before 2016-06-06 allows CSRF. | ||||
| CVE-2016-10757 | 1 Readaxo | 1 Readaxo | 2024-11-21 | N/A |
| In Redaxo 5.2.0, the cron management of the admin panel suffers from CSRF that leads to arbitrary Remote Code Execution via addons/cronjob/lib/types/phpcode.php. | ||||
| CVE-2016-10756 | 1 Kliqqi | 1 Kliqqi Cms | 2024-11-21 | N/A |
| Kliqqi 3.0.0.5 allows CSRF with resultant Arbitrary File Upload because module.php?module=upload can be used to configure the uploading of .php files, and then modules/upload/upload_main.php can be used for the upload itself. | ||||
| CVE-2016-10738 | 1 Castlamp | 1 Zenbership | 2024-11-21 | N/A |
| Zenbership v107 has CSRF via admin/cp-functions/event-add.php. | ||||