SpaceX Starlink Wi-Fi router GEN 2 before 2023.53.0 and Starlink Dish before 07dd2798-ff15-4722-a9ee-de28928aed34 allow CSRF (e.g., for a reboot) via a DNS Rebinding attack.

Cross-Site Request Forgery (CSRF) vulnerability in Advanced Flamingo.This issue affects Advanced Flamingo: from n/a through 1.0.

Cross-Site Request Forgery (CSRF) vulnerability in MailerLite MailerLite – WooCommerce integration.This issue affects MailerLite – WooCommerce integration: from n/a through 2.0.8.

Cross-Site Request Forgery (CSRF) vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 8.2.2.

Deserialization of Untrusted Data vulnerability in Gecka Gecka Terms Thumbnails.This issue affects Gecka Terms Thumbnails: from n/a through 1.1.

Cross-Site Request Forgery (CSRF) vulnerability in Yevhen Kotelnytskyi JS & CSS Script Optimizer.This issue affects JS & CSS Script Optimizer: from n/a through 0.3.3.

Missing Authorization vulnerability in voidCoders Void Contact Form 7 Widget For Elementor Page Builder.This issue affects Void Contact Form 7 Widget For Elementor Page Builder: from n/a through 2.3.

Deserialization of Untrusted Data vulnerability in SVNLabs Softwares HTML5 MP3 Player with Playlist Free.This issue affects HTML5 MP3 Player with Playlist Free: from n/a through 3.0.0.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Javik Randomize.This issue affects Randomize: from n/a through 1.4.3.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brian D. Goad pTypeConverter.This issue affects pTypeConverter: from n/a through 0.2.8.1.

Cross-Site Request Forgery (CSRF) vulnerability in WP Job Portal WP Job Portal – A Complete Job Board.This issue affects WP Job Portal – A Complete Job Board: from n/a through 2.0.6.

Deserialization of Untrusted Data vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder.This issue affects ARI Stream Quiz – WordPress Quizzes Builder: from n/a through 1.3.0.

Use after free in Site Isolation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical...

Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chr...

Cross-Site Request Forgery (CSRF) vulnerability in Ovation S.R.L. Dynamic Content for Elementor.This issue affects Dynamic Content for Elementor: from n/a before 2.12.5.

Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Floating Button.This issue affects Floating Button: from n/a through 6.0.

Cross-Site Request Forgery (CSRF) vulnerability in Marios Alexandrou Republish Old Posts.This issue affects Republish Old Posts: from n/a through 1.21.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cool Plugins Events Shortcodes For The Events Calendar.This issue affects Events Shortcodes For Th...

The [`tj-actions/verify-changed-files`](https://github.com/tj-actions/verify-changed-files) action allows for command injection in changed filenames, allowing an attacker to execute arbitrary code and...

Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Custom Twitter Feeds – A Tweets Widget or X Feed Widget.This issue affects Custom Twitter Feeds – A Tweets Widget or X Feed Widget: fro...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WhileTrue Most And Least Read Posts Widget.This issue affects Most And Least Read Posts Widget: fr...

Cross-Site Request Forgery (CSRF) vulnerability in wp.Insider, wpaffiliatemgr Affiliates Manager.This issue affects Affiliates Manager: from n/a through 2.9.31.

Cross-Site Request Forgery (CSRF) vulnerability in Michael Winkler teachPress.This issue affects teachPress: from n/a through 9.0.4.

Cross-Site Request Forgery (CSRF) vulnerability in WhiteWP White Label – WordPress Custom Admin, Custom Login Page, and Custom Dashboard.This issue affects White Label – WordPress Custom Admin, Custom...