Security Vulnerabilities - CVEs Published In November 2023
Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin <= 3.7.1 versions.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-11-09
Cross-Site Request Forgery (CSRF) vulnerability in Designs & Code Forget About Shortcode Buttons plugin <= 2.1.2 versions.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-11-09
Cross-Site Request Forgery (CSRF) vulnerability in WP Reactions, LLC WP Reactions Lite plugin <= 1.3.8 versions.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-11-09
Cross-Site Request Forgery (CSRF) vulnerability in Palasthotel by Edward Bock, Katharina Rompf Sunny Search plugin <= 1.0.2 versions.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-11-09
HashiCorp Vault and Vault Enterprise inbound client requests triggering a policy check can lead to an unbounded consumption of memory. A large number of these requests may lead to denial-of-service. Fixed in Vault 1.15.2, 1.14.6, and 1.13.10.
CVSS Score
5.9
EPSS Score
0.003
Published
2023-11-09
Cross-Site Request Forgery (CSRF) vulnerability in Benedict B., Maciej Gryniuk Hyphenator plugin <= 5.1.5 versions.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-11-09
Cross-Site Request Forgery (CSRF) vulnerability in LOKALYZE CALL ME NOW plugin <= 3.0 versions.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-11-09
Cross-Site Request Forgery (CSRF) vulnerability in Web_Trendy WP Custom Cursors | WordPress Cursor Plugin plugin < 3.2 versions.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-11-09
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Recommendations plugin <= 2.3.0 versions.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-11-09
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce AutomateWoo plugin <= 5.7.1 versions.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-11-09