“Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 on WordPress leading to rule type migration.” Read more at the NVD: CVE-2022-43488 ...

Threat actors are exploiting a two-year-old vulnerability in PaperCut that allows them to execute arbitrary code remotely.

The National Vulnerability Database (NVD) explains it like this: “The WP Statistics plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 13.1.1.

CVE-2024-27564 is a server-side request forgery vulnerability located in the pictureproxy.php component of ChatGPT code. Attackers can inject malicious URLs in the input parameters, forcing the ...

CVE-2024-53705 (CVSS 6.5/10) is a server-side request forgery vulnerability in the SonicOS SSH management interface allowing remote attackers to establish malicious TCP connections.

The third vulnerability added to CISA’s KEV list on July 28, CVE-2023-2533, is a high-severity cross-site request forgery (CSRF) vulnerability affecting PaperCut Next Generation (NG) and ...