cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-32739,https://securityvulnerability.io/vulnerability/CVE-2023-32739,WordPress WP Custom Cursors Plugin < 3.2 is vulnerable to Cross Site Request Forgery (CSRF),"A Cross-Site Request Forgery (CSRF) vulnerability exists in versions lower than 3.2 of the Web_Trendy WP Custom Cursors Plugin for WordPress. This flaw allows attackers to perform unwanted actions on behalf of authenticated users, potentially compromising the security and integrity of the site. Proper precautions and updates are essential to mitigate this risk and safeguard user data.",Wordpress,WP Custom Cursors | WordPress Cursor Plugin,8.8,HIGH,0.0008699999889358878,false,,false,false,false,,false,false,2023-11-09T21:15:00.000Z,0
CVE-2023-2221,https://securityvulnerability.io/vulnerability/CVE-2023-2221,WP Custom Cursors < 3.2 - Admin+ SQLi,"The WP Custom Cursors WordPress plugin, prior to version 3.2, fails to properly sanitize and escape parameters before including them in SQL queries. This oversight permits SQL injection attacks, which malicious users with administrative privileges can exploit to manipulate the database, potentially gaining unauthorized access to sensitive data or performing unauthorized actions.",Wordpress,WP Custom Cursors | WordPress Cursor Plugin,7.2,HIGH,0.0009399999980814755,false,,false,false,false,,false,false,2023-06-19T11:15:00.000Z,0
CVE-2022-3150,https://securityvulnerability.io/vulnerability/CVE-2022-3150,WP Custom Cursors < 3.2 - Admin+ SQLi,"The WP Custom Cursors WordPress plugin before 3.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privileged users such as admin",Wordpress,WP Custom Cursors | WordPress Cursor Plugin,7.2,HIGH,0.0011399999493733048,false,,false,false,false,,false,false,2022-10-17T00:00:00.000Z,0