Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2024-07-22 CVE-2024-6244 Cross-Site Request Forgery (CSRF) vulnerability in Projectzealous PZ Frontend Manager
The PZ Frontend Manager WordPress plugin before 1.0.6 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
network
low complexity
projectzealous CWE-352
8.8
8.8
2024-07-22 CVE-2024-6271 Cross-Site Request Forgery (CSRF) vulnerability in Community Events Project Community Events
The Community Events WordPress plugin before 1.5 does not have CSRF check in place when deleting events, which could allow attackers to make a logged in admin delete arbitrary events via a CSRF attack
network
low complexity
community-events-project CWE-352
5.4
5.4
2024-07-15 CVE-2024-6075 Cross-Site Request Forgery (CSRF) vulnerability in Tipsandtricks-Hq WP Estore
The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
network
low complexity
tipsandtricks-hq CWE-352
8.8
8.8
2024-07-11 CVE-2024-1845 Cross-Site Request Forgery (CSRF) vulnerability in E4Jconnect Vikrentcar
The VikRentCar Car Rental Management System WordPress plugin before 1.3.2 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
network
low complexity
e4jconnect CWE-352
8.8
8.8
2024-07-09 CVE-2024-40034 Cross-Site Request Forgery (CSRF) vulnerability in Idccms Project Idccms 1.35
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userLevel_deal.php?mudi=del
network
low complexity
idccms-project CWE-352
8.8
8.8
2024-07-09 CVE-2024-40037 Cross-Site Request Forgery (CSRF) vulnerability in Idccms Project Idccms 1.35
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userScore_deal.php?mudi=del
network
low complexity
idccms-project CWE-352
8.8
8.8
2024-07-09 CVE-2024-40039 Cross-Site Request Forgery (CSRF) vulnerability in Idccms Project Idccms 1.35
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userGroup_deal.php?mudi=del
network
low complexity
idccms-project CWE-352
8.8
8.8
2024-07-08 CVE-2023-47677 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
A cross-site request forgery (csrf) vulnerability exists in the boa CSRF protection functionality of Realtek rtl819x Jungle SDK v3.4.11.
network
low complexity
realtek level1 CWE-352
8.8
8.8
2024-07-07 CVE-2024-40601 Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki
An issue was discovered in the MediaWikiChat extension for MediaWiki through 1.42.1.
network
low complexity
mediawiki CWE-352
6.5
6.5
2024-07-07 CVE-2024-40603 Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki
An issue was discovered in the ArticleRatings extension for MediaWiki through 1.42.1.
network
low complexity
mediawiki CWE-352
4.3
4.3