Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-06 | CVE-2022-2542 | Cross-Site Request Forgery (CSRF) vulnerability in Summitmediaconcepts Ucontext for Clickbank 3.9.1 The uContext for Clickbank plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 3.9.1. | 8.8 |
| 2022-09-01 | CVE-2020-4301 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.5 |
| 2022-09-01 | CVE-2021-20468 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.5 |
| 2022-09-01 | CVE-2021-29823 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.5 |
| 2022-08-26 | CVE-2022-36546 | Cross-Site Request Forgery (CSRF) vulnerability in Edoc-Doctor-Appointment-System Project Edoc-Doctor-Appointment-System 1.0.1 Edoc-doctor-appointment-system v1.0.1 was discovered to contain a Cross-Site Request Forgery (CSRF) via /patient/settings.php. | 8.8 |
| 2022-08-26 | CVE-2022-31773 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Datapower Gateway 10.0.2.0 IBM DataPower Gateway V10CD, 10.0.1, and 2018.4.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2022-08-26 | CVE-2021-39394 | Cross-Site Request Forgery (CSRF) vulnerability in Mm-Wiki Project Mm-Wiki 0.2.1 mm-wiki v0.2.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add user accounts and modify user information. | 6.5 |
| 2022-08-24 | CVE-2018-14519 | Cross-Site Request Forgery (CSRF) vulnerability in Getkirby Kirby 2.5.12 An issue was discovered in Kirby 2.5.12. | 4.3 |
| 2022-08-23 | CVE-2022-36379 | Cross-Site Request Forgery (CSRF) vulnerability in Yookassa Yukassa for Woocommerce Cross-Site Request Forgery (CSRF) leading to plugin settings update in YooMoney ?Kassa ??? WooCommerce plugin <= 2.3.0 at WordPress. | 8.8 |
| 2022-08-22 | CVE-2022-1251 | Cross-Site Request Forgery (CSRF) vulnerability in Inkthemes ASK ME The Ask me WordPress theme before 6.8.4 does not perform nonce checks when processing POST requests to the Edit Profile page, allowing an attacker to trick a user to change their profile information by sending a crafted request. | 4.3 |