Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-25 | CVE-2021-40335 | Cross-Site Request Forgery (CSRF) vulnerability in Hitachienergy Modular Switchgear Monitoring Firmware 2.1.0/2.2.0 A vulnerability exists in the HTTP web interface where the web interface does not sufficiently verify if a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. | 8.8 |
| 2022-07-21 | CVE-2022-20861 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Nexus Dashboard Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. | 8.8 |
| 2022-07-21 | CVE-2022-34367 | Cross-Site Request Forgery (CSRF) vulnerability in Dell EMC Data Protection Central Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6, contain(s) a Cross-Site Request Forgery Vulnerability. | 8.8 |
| 2022-07-19 | CVE-2022-22359 | Cross-Site Request Forgery (CSRF) vulnerability in IBM products IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.5 |
| 2022-07-18 | CVE-2021-38868 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Engineering Requirements Quality Assistant On-Premises IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.5 |
| 2022-07-18 | CVE-2022-1912 | Cross-Site Request Forgery (CSRF) vulnerability in Smartsoft Button Widget Smartsoft 1.0.1 The Button Widget Smartsoft plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. | 8.8 |
| 2022-07-18 | CVE-2022-2001 | Cross-Site Request Forgery (CSRF) vulnerability in Devrix DX Share Selection 1.2/1.3/1.4 The DX Share Selection plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.4. | 8.8 |
| 2022-07-18 | CVE-2022-2223 | Cross-Site Request Forgery (CSRF) vulnerability in Ghozylab Image Slider The WordPress plugin Image Slider is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.1.121 due to failure to properly check for the existence of a nonce in the function ewic_duplicate_slider. | 4.3 |
| 2022-07-18 | CVE-2022-2435 | Cross-Site Request Forgery (CSRF) vulnerability in Anymind Widget The AnyMind Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.1. | 8.8 |
| 2022-07-17 | CVE-2022-32320 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products A Cross-Site Request Forgery (CSRF) in Ferdi through 5.8.1 and Ferdium through 6.0.0-nightly.98 allows attackers to read files via an uploaded file such as a settings/preferences file. | 8.8 |