Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-352
Total 7286 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-11055 1 Netgear 26 Cm400, Cm400 Firmware, Cm600 and 23 more 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Certain NETGEAR devices are affected by CSRF. This affects CM400 before 2017-01-11, CM600 before 2017-01-11, D1500 before 2017-01-11, D500 before 2017-01-11, DST6501 before 2017-01-11, JNR1010v1 before 2017-01-11, JWNR2000Tv3 before 2017-01-11, JWNR2010v3 before 2017-01-11, PLW1000 before 2017-01-11, PLW1010 before 2017-01-11, WNR500 before 2017-01-11, WNR612v3 before 2017-01-11, N450 before 2017-01-11, and CG3000Dv2 before 2017-01-11.
CVE-2016-11015 1 Netgear 2 Jnr1010, Jnr1010 Firmware 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
NETGEAR JNR1010 devices before 1.0.0.32 allow cgi-bin/webproc CSRF via the :InternetGatewayDevice.X_TWSZ-COM_URL_Filter.BlackList.1.URL parameter.
CVE-2016-10997 1 Yourinspirationweb 1 Beauty-premium 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The beauty-premium theme 1.0.8 for WordPress has CSRF with resultant arbitrary file upload in includes/sendmail.php.
CVE-2016-10989 1 Leenk 1 Leenk.me 2024-11-21 6.8 MEDIUM 8.8 HIGH
The leenkme plugin before 2.6.0 for WordPress has wp-admin/admin.php?page=leenkme_facebook CSRF.
CVE-2016-10982 1 Kentothemes 1 Kento-post-view-counter 2024-11-21 6.8 MEDIUM 8.8 HIGH
The kento-post-view-counter plugin through 2.8 for WordPress has wp-admin/admin.php?page=kentopvc_settings CSRF.
CVE-2016-10978 1 Fossura 1 Tag Miner 2024-11-21 6.8 MEDIUM 8.8 HIGH
The fossura-tag-miner plugin before 1.1.5 for WordPress has CSRF.
CVE-2016-10974 1 Tonjoostudio 1 Fluid-responsive-slideshow 2024-11-21 6.8 MEDIUM 8.8 HIGH
The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has frs_save CSRF with resultant stored XSS.
CVE-2016-10962 1 Icegram 1 Icegram Engage 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php option_name parameter.
CVE-2016-10946 1 Wp-d3 Project 1 Wp-d3 2024-11-21 6.8 MEDIUM 8.8 HIGH
The wp-d3 plugin before 2.4.1 for WordPress has CSRF.
CVE-2016-10945 1 Pagelines 1 Pagelines 2024-11-21 6.8 MEDIUM 8.8 HIGH
The PageLines theme 1.1.4 for WordPress has wp-admin/admin-post.php?page=pagelines CSRF.
CVE-2016-10944 1 Wpmaz 1 Multisite Post Duplicator 2024-11-21 6.8 MEDIUM 8.8 HIGH
The multisite-post-duplicator plugin before 1.1.3 for WordPress has wp-admin/tools.php?page=mpd CSRF.
CVE-2016-10938 1 Copy-me Project 1 Copy-me 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The copy-me plugin 1.0.0 for WordPress has CSRF for copying non-public posts to a public location.
CVE-2016-10918 1 Supsystic 1 Photo Gallery 2024-11-21 6.8 MEDIUM 8.8 HIGH
The gallery-by-supsystic plugin before 1.8.6 for WordPress has CSRF.
CVE-2016-10915 1 Supsystic 1 Popup 2024-11-21 6.8 MEDIUM 8.8 HIGH
The popup-by-supsystic plugin before 1.7.9 for WordPress has CSRF.
CVE-2016-10914 1 Add From Server Project 1 Add From Server 2024-11-21 6.8 MEDIUM 8.8 HIGH
The add-from-server plugin before 3.3.2 for WordPress has CSRF for importing a large file.
CVE-2016-10903 1 Godaddy 1 Godaddy Email Marketing 2024-11-21 6.8 MEDIUM 8.8 HIGH
The GoDaddy godaddy-email-marketing-sign-up-forms plugin before 1.1.3 for WordPress has CSRF.
CVE-2016-10902 1 Gowebsolutions 1 Wp Customer Reviews 2024-11-21 6.8 MEDIUM 8.8 HIGH
The wp-customer-reviews plugin before 3.0.9 for WordPress has CSRF in the admin tools.
CVE-2016-10885 1 Benjaminrojas 1 Wp Editor 2024-11-21 6.8 MEDIUM 8.8 HIGH
The wp-editor plugin before 1.2.6 for WordPress has CSRF.
CVE-2016-10884 1 Simple-membership-plugin 1 Simple Membership 2024-11-21 6.8 MEDIUM 8.8 HIGH
The simple-membership plugin before 3.3.3 for WordPress has multiple CSRF issues.
CVE-2016-10883 1 Mijnpress 1 Simple Add Pages Or Posts 2024-11-21 5.8 MEDIUM 6.5 MEDIUM
The simple-add-pages-or-posts plugin before 1.7 for WordPress has CSRF for deleting users.