CVE-2022-41987
Cross-Site Request Forgery (CSRF) vulnerability in LearningTimes BadgeOS plugin <=Â 3.7.1.6 versions.
Source: CVE-2022-41987
CVE-2022-41987
Cross-Site Request Forgery (CSRF) vulnerability in LearningTimes BadgeOS plugin <=Â 3.7.1.6 versions.
Source: CVE-2022-41987
CVE-2023-28370
Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL.
Source: CVE-2023-28370
CVE-2022-47165
Cross-Site Request Forgery (CSRF) vulnerability in CoSchedule plugin <=Â 3.3.8 versions.
Source: CVE-2022-47165
CVE-2022-47177
Cross-Site Request Forgery (CSRF) vulnerability in WP Easy Pay WP EasyPay – Square for WordPress plugin <= 4.1 versions.
Source: CVE-2022-47177
CVE-2023-27529
Wacom Tablet Driver installer prior to 6.4.2-1 (for macOS) contains an improper link resolution before file access vulnerability. When a user is tricked to execute a small malicious script before executing the affected version of the installer, arbitrary code may be executed with the root privilege.
Source: CVE-2023-27529
CVE-2022-45367
Cross-Site Request Forgery (CSRF) vulnerability in Tyche Softwares Custom Order Numbers for WooCommerce plugin <=Â 1.4.0 versions.
Source: CVE-2022-45367
CVE-2022-47161
Cross-Site Request Forgery (CSRF) vulnerability in The WordPress.Org community Health Check & Troubleshooting plugin <=Â 1.5.1 versions.
Source: CVE-2022-47161
CVE-2022-47149
Cross-Site Request Forgery (CSRF) vulnerability in Pretty Links plugin <=Â 1.4 versions.
Source: CVE-2022-47149
CVE-2023-30484
Cross-Site Request Forgery (CSRF) vulnerability in uPress Enable Accessibility plugin <=Â 1.4 versions.
Source: CVE-2023-30484
CVE-2023-2886
Missing Origin Validation in WebSockets vulnerability in CBOT Chatbot allows Content Spoofing Via Application API Manipulation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
Source: CVE-2023-2886