VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Cross-Site Request Forgery (CSRF)
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-09-10
CVE-2023-2919
The Tutor LMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.4.
network
low complexity
CWE-352
4.3
4.3
2024-09-08
CVE-2024-6852
The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
network
low complexity
CWE-352
4.3
4.3
2024-09-08
CVE-2024-6853
The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating welcome popups, which could allow attackers to make logged admins perform such action via a CSRF attack
network
low complexity
CWE-352
4.3
4.3
2024-09-08
CVE-2024-6855
The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating exit popups, which could allow attackers to make logged admins perform such action via a CSRF attack
network
low complexity
CWE-352
4.3
4.3
2024-09-08
CVE-2024-6856
The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
network
low complexity
CWE-352
4.3
4.3
2024-09-08
CVE-2024-6925
The TrueBooker WordPress plugin before 1.0.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.
network
low complexity
CWE-352
4.3
4.3
2024-09-04
CVE-2024-8414
Cross-Site Request Forgery (CSRF) vulnerability in Munyweki Insurance Management System 1.0
A vulnerability has been found in SourceCodester Insurance Management System 1.0 and classified as problematic.
network
low complexity
munyweki
CWE-352
4.3
4.3
2024-09-02
CVE-2024-45269
Cross-Site Request Forgery (CSRF) vulnerability in Majeedraza Carousel Slider
WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Carousel image selection feature.
network
low complexity
majeedraza
CWE-352
4.3
4.3
2024-09-02
CVE-2024-45270
Cross-Site Request Forgery (CSRF) vulnerability in Majeedraza Carousel Slider
WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Hero image selection feature.
network
low complexity
majeedraza
CWE-352
4.3
4.3
2024-08-30
CVE-2024-8319
Cross-Site Request Forgery (CSRF) vulnerability in Themeific Tourfic
The Tourfic plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.11.20.
network
low complexity
themeific
CWE-352
4.3
4.3
«
1
(current)
2
3
4
5
...
515
516
»
Next