Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-27 | CVE-2022-1842 | Cross-Site Request Forgery (CSRF) vulnerability in Openbook Book Data Project Openbook Book Data The OpenBook Book Data WordPress plugin through 3.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well | 4.3 |
| 2022-06-24 | CVE-2022-33121 | Cross-Site Request Forgery (CSRF) vulnerability in 1234N Minicms 1.11 A Cross-Site Request Forgery (CSRF) in MiniCMS v1.11 allows attackers to arbitrarily delete local .dat files via clicking on a malicious link. | 8.1 |
| 2022-06-24 | CVE-2017-20093 | Cross-Site Request Forgery (CSRF) vulnerability in Wpdownloadmanager Wordpress Download Manager 2.8.99 A vulnerability, which was classified as problematic, was found in Download Manager Plugin 2.8.99. | 4.3 |
| 2022-06-23 | CVE-2022-34200 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Convertigo Mobile Platform 1.0/1.1 A cross-site request forgery (CSRF) vulnerability in Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier allows attackers to connect to an attacker-specified URL. | 8.8 |
| 2022-06-23 | CVE-2022-34203 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Easyqa 1.0 A cross-site request forgery (CSRF) vulnerability in Jenkins EasyQA Plugin 1.0 and earlier allows attackers to connect to an attacker-specified HTTP server. | 8.8 |
| 2022-06-23 | CVE-2022-34205 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Jianliao Notification 1.0/1.1 A cross-site request forgery (CSRF) vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL. | 6.5 |
| 2022-06-23 | CVE-2022-34207 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Beaker Builder A cross-site request forgery (CSRF) vulnerability in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers to connect to an attacker-specified URL. | 6.5 |
| 2022-06-23 | CVE-2022-34209 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Threadfix A cross-site request forgery (CSRF) vulnerability in Jenkins ThreadFix Plugin 1.5.4 and earlier allows attackers to connect to an attacker-specified URL. | 6.5 |
| 2022-06-23 | CVE-2022-34211 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Vrealize Orchestrator A cross-site request forgery (CSRF) vulnerability in Jenkins vRealize Orchestrator Plugin 3.0 and earlier allows attackers to send an HTTP POST request to an attacker-specified URL. | 6.5 |
| 2022-06-23 | CVE-2017-20088 | Cross-Site Request Forgery (CSRF) vulnerability in Bytesforall Atahualpa A vulnerability classified as problematic has been found in Atahualpa Theme. | 4.3 |