Search Results

🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Wordfence Intelligence > Search Results

Showing 81-100 of 1095 search results

Refine your search

Tip: You can search by CVE ID, software name or slug, or the researcher name. Expand to read about more advanced search options.

If you want to perform more advanced lookups, you can use keywords to further refine your search.

For example, woocommerce researcher:"chloe chamberland" would search for any vulnerabilities discovered by Chloe Chamberland in software that has WooCommerce in the title.

Keywords are added in keyword:value format. If the value contains spaces, you must enclose it in quotation marks.

You can use the following keywords to add criteria to your search:

title

Searches through the title of each vulnerability for matches.

date

Returns vulnerabilities by publication date. Use YYYY-MM-DD, YYYY-MM or YYYY format.

cvss-rating

Use low, medium, high or critical to limit the search to vulnerabilities with the specified rating.

researcher

Returns vulnerabilities credited to researchers containing the given text.

software

Returns vulnerabilities discovered in software containing the given text.

software-slug

Returns vulnerabilities discovered in software exactly matching the given slug.

software-type

Use plugin, theme or core to limit the search to the specified type of software.

By selecting “Search” you acknowledge that you have read and agree to the Wordfence Intelligence Terms and Conditions.

WooCommerce Login Redirect <= 2.2.4 - Cross-Site Request Forgery

4.3

CVE-2023-48773

Nov 28, 2023

Researcher: qilin_99

Razorpay for WooCommerce <= 4.5.6 - Cross-Site Request Forgery

4.3

CVE ID Unknown

Nov 28, 2023

Researchers:

Affiliate Booster – Pros & Cons, Notice, and CTA Blocks for Affiliates <= 3.0.5 - Cross-Site Request Forgery via process_bulk_action

4.3

CVE-2023-49148

Nov 28, 2023

Researcher: LEE SE HYOUNG

AdFoxly – Ad Manager, AdSense Ads & Ads.txt <= 1.8.5 - Cross-Site Request Forgery

4.3

CVE-2023-46617

Nov 28, 2023

Researcher: LVT-tholv2k

Button Generator – easily Button Builder <= 2.3.8 - Cross-Site Request Forgery

4.3

CVE-2023-49155

Nov 28, 2023

Researcher: Elliot

Ecwid Ecommerce Shopping Cart <= 6.12.4 - Cross-Site Request Forgery

4.3

CVE-2023-51533

Nov 28, 2023

Researcher: Brandon James Roldan (tomorrowisnew)

SVGator – Add Animated SVG Easily <= 1.2.4 - Cross-Site Request Forgery

7.1

CVE-2023-48766

Nov 28, 2023

Researcher: Abdi Pranata

Add to Cart Text Changer and Customize Button, Add Custom Icon <= 2.0 - Cross-Site Request Forgery via wactc_text_form

4.3

CVE-2023-49153

Nov 28, 2023

Researcher: Skalucy

teachPress <= 9.0.5 - Cross-Site Request Forgery via delete_database()

4.3

CVE-2023-49163

Nov 28, 2023

Researcher: LVT-tholv2k

WP Forms Puzzle Captcha <= 4.1 - Cross-Site Request Forgery to Cross-Site Scripting

6.1

CVE-2023-48278

Nov 28, 2023

Researcher: qilin_99

Chat Bubble <= 2.3 - Cross-Site Request Forgery via cbb_submit_settings_data

6.5

CVE-2023-48769

Nov 28, 2023

Researcher: Vladislav Pokrovsky (ΞX.MI)

Multiple Plugins by Crocoblock <= (Various Versions) - Cross-Site Request Forgery

4.3

CVE-2023-48762

Nov 28, 2023

Researcher: Rafie Muhammad

teachPress <= 9.0.4 - Cross-Site Request Forgery

5.3

CVE-2023-48755

Nov 27, 2023

Researcher: LVT-tholv2k

RegistrationMagic <= 5.2.2.6 - Cross-Site Request Forgery

4.3

CVE-2023-47645

Nov 27, 2023

Researcher: thiennv

Delete Post Revisions In WordPress <= 4.6 - Cross-Site Request Forgery

4.3

CVE-2023-48754

Nov 27, 2023

Researcher: Skalucy

Export any WordPress data to XML/CSV < 1.4.1 & WP ALL Export Pro < 1.8.6 - Cross-Site Request Forgery to PHAR Deserialization

8.8

CVE-2023-5886

Nov 24, 2023

Researcher: Alex Sanford

Availability Calendar <= 1.2.6 - Cross-Site Request Forgery via add_availability_calendar_create_admin_page()

4.3

CVE-2023-48744

Nov 24, 2023

Researcher: Nguyen Xuan Chien

Export any WordPress data to XML/CSV < 1.4.1 & WP ALL Export Pro < 1.8.6 - Cross-Site Request Forgery to Remote Code Execution

8.8

CVE-2023-5882

Nov 24, 2023

Researchers: Donato Di Pasquale, Francesco Marano

Simple Testimonials Showcase <= 1.1.5 - Cross-Site Request Forgery

4.3

CVE-2023-48283

Nov 23, 2023

Researcher: Nguyen Xuan Chien

Seraphinite Post .DOCX Source <= 2.16.6 - Cross-Site Request Forgery

4.3

CVE-2023-48279

Nov 23, 2023

Researcher: Skalucy

Title	CVE ID	CVSS	Researchers	Date
WooCommerce Login Redirect <= 2.2.4 - Cross-Site Request Forgery	CVE-2023-48773	4.3	qilin_99	November 28, 2023
Razorpay for WooCommerce <= 4.5.6 - Cross-Site Request Forgery		4.3		November 28, 2023
Affiliate Booster – Pros & Cons, Notice, and CTA Blocks for Affiliates <= 3.0.5 - Cross-Site Request Forgery via process_bulk_action	CVE-2023-49148	4.3	LEE SE HYOUNG	November 28, 2023
AdFoxly – Ad Manager, AdSense Ads & Ads.txt <= 1.8.5 - Cross-Site Request Forgery	CVE-2023-46617	4.3	LVT-tholv2k	November 28, 2023
Button Generator – easily Button Builder <= 2.3.8 - Cross-Site Request Forgery	CVE-2023-49155	4.3	Elliot	November 28, 2023
Ecwid Ecommerce Shopping Cart <= 6.12.4 - Cross-Site Request Forgery	CVE-2023-51533	4.3	Brandon James Roldan (tomorrowisnew)	November 28, 2023
SVGator – Add Animated SVG Easily <= 1.2.4 - Cross-Site Request Forgery	CVE-2023-48766	7.1	Abdi Pranata	November 28, 2023
Add to Cart Text Changer and Customize Button, Add Custom Icon <= 2.0 - Cross-Site Request Forgery via wactc_text_form	CVE-2023-49153	4.3	Skalucy	November 28, 2023
teachPress <= 9.0.5 - Cross-Site Request Forgery via delete_database()	CVE-2023-49163	4.3	LVT-tholv2k	November 28, 2023
WP Forms Puzzle Captcha <= 4.1 - Cross-Site Request Forgery to Cross-Site Scripting	CVE-2023-48278	6.1	qilin_99	November 28, 2023
Chat Bubble <= 2.3 - Cross-Site Request Forgery via cbb_submit_settings_data	CVE-2023-48769	6.5	Vladislav Pokrovsky (ΞX.MI)	November 28, 2023
Multiple Plugins by Crocoblock <= (Various Versions) - Cross-Site Request Forgery	CVE-2023-48762	4.3	Rafie Muhammad	November 28, 2023
teachPress <= 9.0.4 - Cross-Site Request Forgery	CVE-2023-48755	5.3	LVT-tholv2k	November 27, 2023
RegistrationMagic <= 5.2.2.6 - Cross-Site Request Forgery	CVE-2023-47645	4.3	thiennv	November 27, 2023
Delete Post Revisions In WordPress <= 4.6 - Cross-Site Request Forgery	CVE-2023-48754	4.3	Skalucy	November 27, 2023
Export any WordPress data to XML/CSV < 1.4.1 & WP ALL Export Pro < 1.8.6 - Cross-Site Request Forgery to PHAR Deserialization	CVE-2023-5886	8.8	Alex Sanford	November 24, 2023
Availability Calendar <= 1.2.6 - Cross-Site Request Forgery via add_availability_calendar_create_admin_page()	CVE-2023-48744	4.3	Nguyen Xuan Chien	November 24, 2023
Export any WordPress data to XML/CSV < 1.4.1 & WP ALL Export Pro < 1.8.6 - Cross-Site Request Forgery to Remote Code Execution	CVE-2023-5882	8.8	Donato Di Pasquale, Francesco Marano	November 24, 2023
Simple Testimonials Showcase <= 1.1.5 - Cross-Site Request Forgery	CVE-2023-48283	4.3	Nguyen Xuan Chien	November 23, 2023
Seraphinite Post .DOCX Source <= 2.16.6 - Cross-Site Request Forgery	CVE-2023-48279	4.3	Skalucy	November 23, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation