Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-13 | CVE-2022-1969 | Cross-Site Request Forgery (CSRF) vulnerability in Script Mobile Browser Color Select 1.0.1 The Mobile browser color select plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. | 8.8 |
| 2022-06-13 | CVE-2022-1763 | Cross-Site Request Forgery (CSRF) vulnerability in Static Page Extended Project Static Page Extended 2.1 Due to missing checks the Static Page eXtended WordPress plugin through 2.1 is vulnerable to CSRF attacks which allows changing the plugin settings, including required user levels for specific features. | 5.4 |
| 2022-06-13 | CVE-2022-1793 | Cross-Site Request Forgery (CSRF) vulnerability in Private Files Project Private Files 0.40 The Private Files WordPress plugin through 0.40 is missing CSRF check when disabling the protection, which could allow attackers to make a logged in admin perform such action via a CSRF attack and make the blog public | 4.3 |
| 2022-06-13 | CVE-2022-1900 | Cross-Site Request Forgery (CSRF) vulnerability in Copify The Copify plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.0. | 8.8 |
| 2022-06-13 | CVE-2022-1918 | Cross-Site Request Forgery (CSRF) vulnerability in Toolbar to Share Project Toolbar to Share 2.0 The ToolBar to Share plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0. | 8.8 |
| 2022-06-13 | CVE-2017-20045 | Cross-Site Request Forgery (CSRF) vulnerability in Vendavo Pricepoint 4.6.0.0 A vulnerability was found in Navetti PricePoint 4.6.0.0. | 8.8 |
| 2022-06-13 | CVE-2022-27174 | Cross-Site Request Forgery (CSRF) vulnerability in Easy Blog Project Easy Blog Cross-site request forgery (CSRF) vulnerability in Easy Blog for EC-CUBE4 Ver.1.0.1 and earlier allows a remote unauthenticated attacker to hijack the authentication of the administrator and delete a blog article or a category via a specially crafted page. | 4.3 |
| 2022-06-10 | CVE-2022-22479 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Spectrum Copy Data Management IBM Spectrum Copy Data Management 2.2.0.0through 2.2.15.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2022-06-10 | CVE-2021-44117 | Cross-Site Request Forgery (CSRF) vulnerability in Thedaylightstudio Fuel CMS 1.5.0 A Cross Site Request Forgery (CSRF) vulnerability exists in TheDayLightStudio Fuel CMS 1.5.0 via a POST call to /fuel/sitevariables/delete/4. | 8.8 |
| 2022-06-09 | CVE-2017-20020 | Cross-Site Request Forgery (CSRF) vulnerability in Solar-Log products A vulnerability, which was classified as problematic, has been found in Solare Solar-Log 2.8.4-56/3.5.2-85. | 8.8 |