Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-18 | CVE-2022-2435 | Cross-Site Request Forgery (CSRF) vulnerability in Anymind Widget The AnyMind Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.1. | 8.8 |
| 2022-07-17 | CVE-2022-32320 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products A Cross-Site Request Forgery (CSRF) in Ferdi through 5.8.1 and Ferdium through 6.0.0-nightly.98 allows attackers to read files via an uploaded file such as a settings/preferences file. | 8.8 |
| 2022-07-17 | CVE-2022-2146 | Cross-Site Request Forgery (CSRF) vulnerability in Import CSV Files Project Import CSV Files The Import CSV Files WordPress plugin through 1.0 does not sanitise and escaped imported data before outputting them back in a page, and is lacking CSRF check when performing such action as well, resulting in a Reflected Cross-Site Scripting | 6.1 |
| 2022-07-11 | CVE-2022-1599 | Cross-Site Request Forgery (CSRF) vulnerability in Admin Management Xtended Project Admin Management Xtended The Admin Management Xtended WordPress plugin before 2.4.5 does not have CSRF checks in some of its AJAX actions, allowing attackers to make a logged users with the right capabilities to call them. | 6.5 |
| 2022-07-07 | CVE-2015-1785 | Cross-Site Request Forgery (CSRF) vulnerability in Imagely Nextgen Gallery In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow an attacker to gain full access over the web application. | 6.5 |
| 2022-07-06 | CVE-2021-31677 | Cross-Site Request Forgery (CSRF) vulnerability in Pescms Team 2.3.3 An issue was discovered in PESCMS-V2.3.3. | 6.5 |
| 2022-07-06 | CVE-2021-31678 | Cross-Site Request Forgery (CSRF) vulnerability in Pescms Team 2.3.3 An issue was discovered in PESCMS-V2.3.3. | 6.5 |
| 2022-07-06 | CVE-2021-31679 | Cross-Site Request Forgery (CSRF) vulnerability in Pescms Team 2.3.3 An issue was discovered in PESCMS-V2.3.3. | 6.5 |
| 2022-07-06 | CVE-2021-23163 | Cross-Site Request Forgery (CSRF) vulnerability in Jfrog Artifactory JFrog Artifactory prior to version 7.33.6 and 6.23.38, is vulnerable to CSRF ( Cross-Site Request Forgery) for specific endpoints. | 8.8 |
| 2022-06-30 | CVE-2022-34780 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Xebialabs XL Release A cross-site request forgery (CSRF) vulnerability in Jenkins XebiaLabs XL Release Plugin 22.0.0 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 6.5 |