Security Vulnerabilities - CVEs Published In July 2023
Cross-Site Request Forgery (CSRF) vulnerability in PI Websolution Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping plugin <= 1.6.4.4 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-07-11
Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Tools plugin <= 2.4.1 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-07-11
Cross-Site Request Forgery (CSRF) vulnerability in OOPSpam OOPSpam Anti-Spam plugin <= 1.1.44 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-07-11
Cross-Site Request Forgery (CSRF) vulnerability in Kevon Adonis WP Abstracts plugin <= 2.6.2 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-07-11
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 before 15.11.10, all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1, which allows an attacker to leak the email address of a user who created a service desk issue.
CVSS Score
3.5
EPSS Score
0.003
Published
2023-07-11
Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade Comments Ratings plugin <= 1.1.6 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-07-11
Cross-Site Request Forgery (CSRF) vulnerability in HasTheme WishSuite plugin <= 1.3.3 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-07-11
Cross-Site Request Forgery (CSRF) vulnerability in Dave Jesch Database Collation Fix plugin <= 1.2.7 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-07-11
Cross-Site Request Forgery (CSRF) vulnerability in WP Engine PHP Compatibility Checker plugin <= 1.5.2 versions.
CVSS Score
5.4
EPSS Score
0.0
Published
2023-07-11
Cross-Site Request Forgery (CSRF) vulnerability in Denishua Comment Reply Notification plugin <= 1.4 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-07-11