Common Vulnerabilities
In the Lana Codes Common Vulnerability Database (LANACOMMONVDB), we collect the vulnerabilities we discover in other systems and provide standard descriptions.
CVE ID:
CVE-2023-0503
WordPress Plugin
99fy-core <= 1.2.7
Vulnerability Type:
Cross-Site Request Forgery (CSRF)
The plugin does not have Cross-Site Request Forgery (CSRF) check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a Cross-Site Request Forgery (CSRF) attack.
CVE ID:
CVE-2023-0502
WordPress Plugin
wp-news-magazine <= 1.1.9
Vulnerability Type:
Cross-Site Request Forgery (CSRF)
The plugin does not have Cross-Site Request Forgery (CSRF) check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a Cross-Site Request Forgery (CSRF) attack.
CVE ID:
CVE-2023-0500
WordPress Plugin
wp-film-studio <= 1.3.4
Vulnerability Type:
Cross-Site Request Forgery (CSRF)
The plugin does not have Cross-Site Request Forgery (CSRF) check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a Cross-Site Request Forgery (CSRF) attack.
CVE ID:
CVE-2023-0499
WordPress Plugin
quickswish <= 1.0.9
Vulnerability Type:
Cross-Site Request Forgery (CSRF)
The plugin does not have Cross-Site Request Forgery (CSRF) check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a Cross-Site Request Forgery (CSRF) attack.
CVE ID:
CVE-2023-0498
WordPress Plugin
wp-education <= 1.2.6
Vulnerability Type:
Cross-Site Request Forgery (CSRF)
The plugin does not have Cross-Site Request Forgery (CSRF) check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a Cross-Site Request Forgery (CSRF) attack.
CVE ID:
CVE-2023-0497
WordPress Plugin
ht-portfolio <= 1.1.5
Vulnerability Type:
Cross-Site Request Forgery (CSRF)
The plugin does not have Cross-Site Request Forgery (CSRF) check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a Cross-Site Request Forgery (CSRF) attack.
CVE ID:
CVE-2023-0496
WordPress Plugin
ht-event <= 1.4.5
Vulnerability Type:
Cross-Site Request Forgery (CSRF)
The plugin does not have Cross-Site Request Forgery (CSRF) check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a Cross-Site Request Forgery (CSRF) attack.
CVE ID:
CVE-2023-0501
WordPress Plugin
wp-insurance <= 2.1.3
Vulnerability Type:
Cross-Site Request Forgery (CSRF)
The plugin does not have Cross-Site Request Forgery (CSRF) check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a Cross-Site Request Forgery (CSRF) attack.
CVE ID:
CVE-2023-0484
WordPress Plugin
ht-contactform <= 1.1.5
Vulnerability Type:
Cross-Site Request Forgery (CSRF)
The plugin does not have Cross-Site Request Forgery (CSRF) check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a Cross-Site Request Forgery (CSRF) attack.
CVE ID:
CVE-2023-0495
WordPress Plugin
ht-slider-for-elementor <= 1.3.9
Vulnerability Type:
Cross-Site Request Forgery (CSRF)
The plugin does not have Cross-Site Request Forgery (CSRF) check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a Cross-Site Request Forgery (CSRF) attack.