Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-17 | CVE-2022-2146 | Cross-Site Request Forgery (CSRF) vulnerability in Import CSV Files Project Import CSV Files The Import CSV Files WordPress plugin through 1.0 does not sanitise and escaped imported data before outputting them back in a page, and is lacking CSRF check when performing such action as well, resulting in a Reflected Cross-Site Scripting | 6.1 |
| 2022-07-11 | CVE-2022-1599 | Cross-Site Request Forgery (CSRF) vulnerability in Admin Management Xtended Project Admin Management Xtended The Admin Management Xtended WordPress plugin before 2.4.5 does not have CSRF checks in some of its AJAX actions, allowing attackers to make a logged users with the right capabilities to call them. | 6.5 |
| 2022-07-07 | CVE-2015-1785 | Cross-Site Request Forgery (CSRF) vulnerability in Imagely Nextgen Gallery In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow an attacker to gain full access over the web application. | 6.5 |
| 2022-07-06 | CVE-2021-31677 | Cross-Site Request Forgery (CSRF) vulnerability in Pescms Team 2.3.3 An issue was discovered in PESCMS-V2.3.3. | 6.5 |
| 2022-07-06 | CVE-2021-31678 | Cross-Site Request Forgery (CSRF) vulnerability in Pescms Team 2.3.3 An issue was discovered in PESCMS-V2.3.3. | 6.5 |
| 2022-07-06 | CVE-2021-31679 | Cross-Site Request Forgery (CSRF) vulnerability in Pescms Team 2.3.3 An issue was discovered in PESCMS-V2.3.3. | 6.5 |
| 2022-07-06 | CVE-2021-23163 | Cross-Site Request Forgery (CSRF) vulnerability in Jfrog Artifactory JFrog Artifactory prior to version 7.33.6 and 6.23.38, is vulnerable to CSRF ( Cross-Site Request Forgery) for specific endpoints. | 8.8 |
| 2022-06-30 | CVE-2022-34780 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Xebialabs XL Release A cross-site request forgery (CSRF) vulnerability in Jenkins XebiaLabs XL Release Plugin 22.0.0 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 6.5 |
| 2022-06-30 | CVE-2022-34789 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Matrix Reloaded A cross-site request forgery (CSRF) vulnerability in Jenkins Matrix Reloaded Plugin 1.1.3 and earlier allows attackers to rebuild previous matrix builds. | 6.5 |
| 2022-06-30 | CVE-2022-34792 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Recipe 1.0/1.1/1.2 A cross-site request forgery (CSRF) vulnerability in Jenkins Recipe Plugin 1.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML. | 8.0 |