CWE:
 

Tytuł
Data
Autor
Low
WordPress MapFig Studio 0.2.1 Cross Site Request Forgery / Cross Site Scripting
14.08.2024
Vuln Seeker Cybersecur...
Low
XenForo 2.2.15 Cross Site Request Forgery
17.07.2024
EgiX
Med.
Carbon Forum 5.9.0 Cross Site Request Forgery / SQL Injection
24.06.2024
bRpsd
Low
Paradox IP150 Internet Module 1.40.00 Cross Site Request Forgery
24.06.2024
Jakob Pachmann
Low
Panel.SmokeLoader MVID-2024-0682 Cross Site Request Forgery / Cross Site Scripting
19.05.2024
malvuln
Low
SOPlanning 1.52.00 Cross Site Request Forgery
04.05.2024
liquidsky
Low
Casdoor < v1.331.0 /api/set-password CSRF
14.04.2024
Van Lam Nguyen
Med.
ITFlow.org CSRF system settings change
25.02.2024
stehled
Low
ITFlow Cross Site Request Forgery
22.02.2024
stehled
Low
Grocy 4.0.2 Cross Site Request Forgery
03.02.2024
Chance Proctor
Low
TEM Opera Plus FM Family Transmitter 35.45 Cross Site Request Forgery
29.10.2023
LiquidWorm
Med.
Urvanov Syntax Highlighter <= 2.8.33 - Highlighting Blocks Mgt via CSRF
27.10.2023
E1.CODERS
Med.
SAP Enable Now Manager 10.6.5 Build 2804 Cloud Edition CSRF / XSS / Redirect
03.10.2023
Fabian Hagg
Low
PHPJabbers Vacation Rental Script 4.0 Cross Site Request Forgery
09.08.2023
Hasan Ali YILDIR
Low
WBCE CMS 1.6.1 Open Redirect & CSRF
03.07.2023
Mirabbas Ağalarov
Low
WordPress WP Sticky Social 1.0.1 CSRF / Cross Site Scripting
22.06.2023
Amirhossein Bahramizad...
Low
Siemens SIMATIC S7-1200 Cross Site Request Forgery
21.05.2023
RoseSecurity
Med.
WordPress Core 6.2 XSS / CSRF / Directory Traversal
17.05.2023
Jakub Zoczek
High
KODExplorer 4.49 Cross Site Request Forgery / Shell Upload
21.04.2023
Mr Empy
Low
WordPress Real Estate 7 Theme <= 3.3.4 - Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities
05.03.2023
FearZzZz
Low
WordPress WoodMart Theme <= 7.1.1 - Theme License Options Change via CSRF
05.03.2023
FearZzZz
Low
WordPress WoodMart Theme 7.1.1 Cross Site Request Forgery
01.03.2023
fearzzzz
Med.
Demanzo Matrimony 1.5 Cross Site Request Forgery
19.02.2023
indoushka
Med.
WordPress Quick Restaurant 2.0.2 XSS / CSRF / IDOR / Missing Authorization
02.02.2023
Marco Wotschka
Low
Tiki Wiki CMS Groupware 25.0 Cross Site Request Forgery
11.01.2023
EgiX
High
WordPress Royal Elementor 1.3.59 XSS / CSRF / Insufficient Access Controls
11.01.2023
Ramuel Gall
Med.
F5 BIG-IP iControl Cross Site Request Forgery
21.11.2022
Ron Bowes
Low
WordPress BeTheme BeCustom 1.0.5.2 Cross Site Request Forgery
15.11.2022
Julien Ahrens
Med.
Online Birth Certificate Management System 1.0 Cross Site Request Forgery
27.09.2022
Yousef Alraddadi
Low
Online Employee Leave Management System 1.0 Cross Site Request Forgery
06.09.2022
Amolo Hunters
High
WordPress Ecwid Ecommerce Shopping Cart 6.10.23 Cross Site Request Forgery
06.08.2022
Marco Wotschka
Low
Transposh WordPress Translation 1.0.8.1 Cross Site Request Forgery
01.08.2022
Julien Ahrens
Med.
WordPress Plugin Blue Admin 21.06.01 Cross-Site Request Forgery (CSRF)
02.07.2022
Anonymous
Low
Marval MSM 14.19.0.12476 Cross Site Request Forgery
20.06.2022
Momen Eldawakhly
Low
PHPIPAM 1.4.4 Cross Site Request Forgery / Cross Site Scripting
22.05.2022
Rodolfo Tavares
Low
WordPress Blue Admin 21.06.01 Cross Site Request Forgery
11.05.2022
Abisheik M
Low
qdPM 9.2 Cross Site Request Forgery
07.04.2022
Chetanya Sharma
Low
WordPress Curtain 1.0.2 Cross Site Request Forgery
30.03.2022
Hassan Khan Yusufzai
Low
ICEHRM 31.0.0.0S Cross Site Request Forgery
22.03.2022
Devansh Bordia
Low
iRZ Mobile Router Cross Site Request Forgery / Remote Code Execution
22.03.2022
Robert Willis
Low
FileCloud 21.2 Cross Site Request Forgery
23.02.2022
Masashi Fujiwara
High
Zyxel Buffer Overflow / File Disclosure / CSRF / XSS / Broken Access Control
17.02.2022
Stefan Viehbock
Low
WordPress International SMS For Contact Form 7 Integration 1.2 CSRF
15.02.2022
Milad Karimi
Low
Subrion CMS 4.2.1 Cross Site Request Forgery
12.02.2022
Aryan Chehreghani
High
FileBrowser 2.17.2 Code Execution / Cross Site Request Forgery
08.02.2022
Febin Mon Saji
High
Korenix Technology JetWave CSRF / Command Injection / Missing Authentication
07.02.2022
T. Weber
Low
OpenBMCS 2.4 Cross Site Request Forgery
17.01.2022
LiquidWorm
Med.
SB Admin Cross Site Request Forgery / SQL Injection
17.01.2022
Taurus Omar
High
Arunna 1.0.0 Cross Site Request Forgery
17.12.2021
L_L
Low
Zucchetti Axess CLOKI Access Control 1.64 Cross Site Request Forgery
16.12.2021
LiquidWorm
Low
Quick.CMS 6.7 Cross Site Request Forgery / Cross Site Scripting
17.11.2021
Rahad Chowdhury
Low
PHP Laravel 8.70.1 Cross Site Scripting (XSS) to Cross Site Request Forgery (CSRF)
15.11.2021
Hosein Vita
Low
PHPGurukul Hostel Management System 2.1 Cross-site request forgery (CSRF) to Cross-site Scripting (XSS)
30.10.2021
Anubhav Singh
Med.
Hostel Management System 2.1 Cross Site Request Forgery / Cross Site Scripting
28.10.2021
Anubhav Singh
Med.
FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Add Admin Cross-Site Request Forgery (CSRF)
29.09.2021
LiquidWorm
Low
ECOA Building Automation System multiple Cross-Site Request Forgery (CSRF)
24.09.2021
Neurogenesia
High
Backdrop CMS 1.20.0 Cross Site Request Forgery / Command Execution
23.09.2021
V1n1v131r4
Low
WordPress Fitness Calculators 1.9.5 Cross Site Request Forgery
23.09.2021
0xB9
Low
ECOA Building Automation System Cross Site Request Forgery
13.09.2021
Neurogenesia
Low
Altus Sistemas de Automacao Products CSRF / Command Injection / Hardcoded Credentials
20.08.2021
T. Weber
Low
Panasonic Sanyo CCTV Network Camera 2.03-0x Cross Site Request Forgery
01.08.2021
LiquidWorm
High
CloverDX 5.9.0 Code Execution / Cross Site Request Forgery
30.07.2021
niebardzo
Low
Webmin 1.973 Cross Site Request Forgery
14.07.2021
Mesh3l_911
Low
b2evolution 7.2.2 Cross Site Request Forgery
02.07.2021
Alperen Ergel
Low
ICE Hrm 29.0.0.OS Account Takeover Cross-Site Request Forgery (CSRF)
19.06.2021
Piyush Patil & Rafal L...
High
WordPress Plugin Database Backups 1.2.2.6 Database Backup Download CSRF
19.06.2021
0xB9
Med.
Korenix CSRF / Backdoor Accounts / Command Injection / Missing Authentication
01.06.2021
T. Weber
Low
Ubee EVW327 Cross Site Request Forgery
01.06.2021
lated
Low
Dental Clinic Appointment Reservation System 1.0 Cross Site Request Forgery (Add Admin)
19.05.2021
Reza Afsahi
Low
NiceHash Miner Excavator 1.6.7c Cross Site Request Forgery
18.05.2021
Harry Sintonen
Med.
Sipwise C5 NGCP CSC Click2Dial Cross-Site Request Forgery
23.04.2021
LiquidWorm
High
GetSimple CMS My SMTP Contact 1.1.1 CSRF / Remote Code Execution
18.04.2021
Bobby Cooke
Med.
GetSimple CMS My SMTP Contact Plugin 1.1.1 CSRF to RCE
16.04.2021
Bobby Cooke
Low
DMA Radius Manager 4.4.0 Cross Site Request Forgery
08.04.2021
Issac Briones
Low
Papoo CMS Cross Site Request Forgery
05.04.2021
Reinhard Westerholt
Low
GetSimple CMS Custom JS Plugin 0.1 CSRF to Persistent XSS
31.03.2021
Abhishek Joshi
Low
SOYAL Biometric Access Control System 5.0 Cross Site Request Forgery
20.03.2021
LiquidWorm
High
VestaCP 0.9.8 File Upload CSRF
17.03.2021
Fady Othman
Low
OpenCMS 11.0.2 Cross Site Request Forgery / Open Redirection
09.03.2021
Daniel Moreno
Low
e107 CMS 2.3.0 Cross Site Request Forgery
04.03.2021
Tadjmen
High
Unibox 2.4 CSRF / Remote Code Execution
08.02.2021
Kaustubh G. Padwad
Low
Unibox Cross Site Request Forgery
08.02.2021
Kaustubh G. Padwad
Low
bloofoxCMS 0.5.2.1 CSRF (Add user)
05.02.2021
LiPeiYi
Low
Pixelimity 1.0 Cross Site Request Forgery
04.02.2021
Noth
Med.
STVS ProVision 5.9.10 Cross Site Request Forgery
29.01.2021
LiquidWorm
Low
Anchor CMS 0.12.7 CSRF (Delete user)
21.01.2021
Ninad Mishra
Low
PHP-Fusion 9.03.90 Cross Site Request Forgery
16.01.2021
Mohamed Oosman B S
Low
Online Hotel Reservation System 1.0 Cross Site Request Forgery
15.01.2021
Mesut Cetin
Low
Advanced Webhost Billing System 3.7.0 Cross Site Request Forgery
07.01.2021
Rahul Ramakant Singh
Low
TypeSetter 5.1 Cross Site Request Forgery
03.01.2021
Alperen Ergel
Low
Rukovoditel 2.6.1 Cross Site Request Forgery
15.12.2020
KeopssGroup0day Inc
Low
OpenAsset Digital Asset Management Cross Site Request Forgery
14.12.2020
Jack Misiura
Low
OpenCart 3.0.3.6 Cross Site Request Forgery
10.12.2020
Mahendra Purbia
Low
EgavilanMedia User Registration & Login System with Admin Panel 1.0 CSRF
04.12.2020
Hardik Solanki
Med.
ZTE MF253V 1.0.0B04 XSS / CSRF / Hardcoded Password
28.11.2020
T. Weber
Low
Customer Support System 1.0 Cross Site Request Forgery
11.11.2020
Ahmed Abbas
High
Genexis Platinum-4410 P4410-V2-1.28 Broken Access Control and CSRF
11.11.2020
Jinson Varghese Behana...
Med.
Trend Micro IMSVA CSRF / XML Injection / SSRF / File Disclosure
05.11.2020
Wolfgang Ettlinger
Low
iDS6 DSSPro Digital Signage System 6.2 Cross Site Request Forgery
05.11.2020
LiquidWorm
Low
Genexis Platinum-4410 P4410-V2-1.28 Cross Site Request Forgery
29.10.2020
Mohammed Farhan


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2024-10-23
Waiting for details
CVE-2024-10045

Updating...
 

 
The Transients Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.6. This is due to missing or incorrect nonce validation on the process_actions function. This makes it possible for unauthenticated attackers to delete transients via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

 
2024-10-22
Waiting for details
CVE-2024-9588

Updating...
 

 
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the 'wpaft_option_page' function. This makes it possible for unauthenticated attackers to add and delete taxonomy meta, granted they can trick a site administrator into performing an action such as clicking on a link.

 
2024-10-21
Waiting for details
CVE-2024-43945

Updating...
 

 
Cross-Site Request Forgery (CSRF) vulnerability in Latepoint LatePoint allows Cross Site Request Forgery.This issue affects LatePoint: from n/a through 4.9.91.

 
2024-10-20
Waiting for details
CVE-2024-49621

Updating...
 

 
Cross-Site Request Forgery (CSRF) vulnerability in Apa APA Register Newsletter Form allows SQL Injection.This issue affects APA Register Newsletter Form: from n/a through 1.0.0.

 
Waiting for details
CVE-2024-49628

Updating...
 

 
Cross-Site Request Forgery (CSRF) vulnerability in WhileTrue Most And Least Read Posts Widget allows Cross Site Request Forgery.This issue affects Most And Least Read Posts Widget: from n/a through 2.5.18.

 
Waiting for details
CVE-2024-49627

Updating...
 

 
Cross-Site Request Forgery (CSRF) vulnerability in Noor Alam WordPress Image SEO allows Cross Site Request Forgery.This issue affects WordPress Image SEO: from n/a through 1.1.4.

 
Waiting for details
CVE-2024-49306

Updating...
 

 
Cross-Site Request Forgery (CSRF) vulnerability in WP-buy WP Content Copy Protection & No Right Click allows Cross Site Request Forgery.This issue affects WP Content Copy Protection & No Right Click: from n/a through 3.5.9.

 
Waiting for details
CVE-2024-49290

Updating...
 

 
Cross-Site Request Forgery (CSRF) vulnerability in Gora Tech LLC Cooked Pro allows Cross Site Request Forgery.This issue affects Cooked Pro: from n/a before 1.8.0.

 
Waiting for details
CVE-2024-49274

Updating...
 

 
Cross-Site Request Forgery (CSRF) vulnerability in Infomaniak Staff VOD Infomaniak allows Cross Site Request Forgery.This issue affects VOD Infomaniak: from n/a through 1.5.7.

 
Waiting for details
CVE-2024-49272

Updating...
 

 
Cross-Site Request Forgery (CSRF) vulnerability in WPWeb Social Auto Poster allows Cross Site Request Forgery.This issue affects Social Auto Poster: from n/a through 5.3.15.

 

 


Copyright 2024, cxsecurity.com

 

Back to Top