Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-13 | CVE-2022-3978 | Cross-Site Request Forgery (CSRF) vulnerability in Nodebb A vulnerability, which was classified as problematic, was found in NodeBB up to 2.5.7. | 4.3 |
| 2022-11-10 | CVE-2022-45130 | Cross-Site Request Forgery (CSRF) vulnerability in Plesk Obsidian Plesk Obsidian allows a CSRF attack, e.g., via the /api/v2/cli/commands REST API to change an Admin password. | 6.5 |
| 2022-11-09 | CVE-2022-43031 | Cross-Site Request Forgery (CSRF) vulnerability in Dedecms 6.1.9 DedeCMS v6.1.9 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add Administrator accounts and modify Admin passwords. | 8.8 |
| 2022-11-09 | CVE-2022-43488 | Cross-Site Request Forgery (CSRF) vulnerability in Algolplus Advanced Dynamic Pricing for Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 on WordPress leading to rule type migration. | 4.3 |
| 2022-11-08 | CVE-2022-27855 | Cross-Site Request Forgery (CSRF) vulnerability in Fatcatapps Analytics CAT Cross-Site Request Forgery (CSRF) vulnerability in Fatcat Apps Analytics Cat plugin <= 1.0.9 on WordPress allows Plugin Settings Change. | 4.3 |
| 2022-11-08 | CVE-2022-32587 | Cross-Site Request Forgery (CSRF) vulnerability in Codeandmore WP Page Widget Cross-Site Request Forgery (CSRF) vulnerability in CodeAndMore WP Page Widget plugin <= 3.9 on WordPress leading to plugin settings change. | 4.3 |
| 2022-11-08 | CVE-2022-38137 | Cross-Site Request Forgery (CSRF) vulnerability in Analytify - Google Analytics Dashboard Cross-Site Request Forgery (CSRF) vulnerability in Analytify plugin <= 4.2.2 on WordPress. | 8.8 |
| 2022-11-08 | CVE-2022-40128 | Cross-Site Request Forgery (CSRF) vulnerability in Algolplus Advanced Order Export for Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in Advanced Order Export For WooCommerce plugin <= 3.3.2 on WordPress leading to export file download. | 6.5 |
| 2022-11-08 | CVE-2022-40632 | Cross-Site Request Forgery (CSRF) vulnerability in Gvectors Wpforo Forum Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team wpForo Forum plugin <= 2.0.5 on WordPress leading to topic deletion. | 5.4 |
| 2022-11-08 | CVE-2022-41136 | Cross-Site Request Forgery (CSRF) vulnerability in Getshortcodes Shortcodes Ultimate Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in Vladimir Anokhin's Shortcodes Ultimate plugin <= 5.12.0 on WordPress. | 8.8 |