Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-13 | CVE-2022-40623 | Cross-Site Request Forgery (CSRF) vulnerability in Wavlink Wn531G3 Firmware M31G3.V5030.200325 The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 does not utilize anti-CSRF tokens, which, when combined with other issues (such as CVE-2022-35518), can lead to remote, unauthenticated command execution. | 8.8 |
| 2022-09-13 | CVE-2022-32555 | Cross-Site Request Forgery (CSRF) vulnerability in Unisys Data Exchange Management Studio 6.0.Ic1/7.0 Unisys Data Exchange Management Studio before 6.0.IC2 and 7.x before 7.0.IC1 doesn't have an Anti-CSRF token to authenticate the POST request. | 8.8 |
| 2022-09-07 | CVE-2022-37730 | Cross-Site Request Forgery (CSRF) vulnerability in Ftcms 2.1 In ftcms 2.1, there is a Cross Site Request Forgery (CSRF) vulnerability in the PHP page, which causes the attacker to forge a link to trick him to click on a malicious link or visit a page containing attack code, and send a request to the server (corresponding to the identity authentication information) as the victim without the victim's knowledge. | 8.8 |
| 2022-09-06 | CVE-2022-23679 | Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Aos-Cx AOS-CX lacks Anti-CSRF protections in place for state-changing operations. | 8.8 |
| 2022-09-06 | CVE-2022-23680 | Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Aos-Cx AOS-CX lacks Anti-CSRF protections in place for state-changing operations. | 8.8 |
| 2022-09-06 | CVE-2022-2233 | Cross-Site Request Forgery (CSRF) vulnerability in Banner Cycler Project Banner Cycler 1.4 The Banner Cycler plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.4. | 8.8 |
| 2022-09-06 | CVE-2022-2432 | Cross-Site Request Forgery (CSRF) vulnerability in Lightspeedhq Ecwid Ecommerce Shopping Cart The Ecwid Ecommerce Shopping Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.10.23. | 4.3 |
| 2022-09-06 | CVE-2022-2518 | Cross-Site Request Forgery (CSRF) vulnerability in Berocket Stockists Manager for Woocommerce 1.0.2.1 The Stockists Manager for Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.2.1. | 6.1 |
| 2022-09-06 | CVE-2022-2540 | Cross-Site Request Forgery (CSRF) vulnerability in Link Optimizer Lite Project Link Optimizer Lite 1.4.5 The Link Optimizer Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 1.4.5. | 8.8 |
| 2022-09-06 | CVE-2022-2541 | Cross-Site Request Forgery (CSRF) vulnerability in Summitmediaconcepts Ucontext for Amazon 3.9.1 The uContext for Amazon plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 3.9.1. | 8.8 |