Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2024-10-12 CVE-2024-9592 The Easy PayPal Gift Certificate plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.3.
network
low complexity
CWE-352
6.1
2024-10-10 CVE-2024-8477 Cross-Site Request Forgery (CSRF) vulnerability in Brevo Newsletter, Smtp, Email Marketing and Subscribe
The Newsletter, SMTP, Email marketing and Subscribe forms by Brevo (formely Sendinblue) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.87.
network
low complexity
brevo CWE-352
4.3
2024-10-09 CVE-2024-47828 Cross-Site Request Forgery (CSRF) vulnerability in Ampache
ampache is a web based audio/video streaming application and file manager.
network
low complexity
ampache CWE-352
6.5
2024-10-05 CVE-2024-47846 Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki Cargo 3.6.0
Cross-Site Request Forgery (CSRF) vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows Cross Site Request Forgery.This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1.
network
low complexity
mediawiki CWE-352
8.8
2024-10-04 CVE-2024-43684 Cross-Site Request Forgery (CSRF) vulnerability in Microchip Timeprovider 4100 Firmware
Cross-Site Request Forgery (CSRF) vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting (XSS).This issue affects TimeProvider 4100: from 1.0.
network
low complexity
microchip CWE-352
8.8
2024-10-04 CVE-2024-8520 Cross-Site Request Forgery (CSRF) vulnerability in Ultimatemember Ultimate Member
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.6.
network
low complexity
ultimatemember CWE-352
4.3
2024-09-30 CVE-2024-8458 Cross-Site Request Forgery (CSRF) vulnerability in Planet Gs-4210-24P2S Firmware and Gs-4210-24Pl4C Firmware
Certain switch models from PLANET Technology have a web application that is vulnerable to Cross-Site Request Forgery (CSRF).
network
low complexity
planet CWE-352
8.8
2024-09-27 CVE-2024-28948 Cross-Site Request Forgery (CSRF) vulnerability in Advantech Adam-5630 Firmware
Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability.
network
low complexity
advantech CWE-352
8.8
2024-09-27 CVE-2024-9281 Cross-Site Request Forgery (CSRF) vulnerability in Bg5Sbk Minicms
A vulnerability was found in bg5sbk MiniCMS up to 1.11 and classified as problematic.
network
low complexity
bg5sbk CWE-352
4.3
2024-09-27 CVE-2024-9282 Cross-Site Request Forgery (CSRF) vulnerability in Bg5Sbk Minicms
A vulnerability was found in bg5sbk MiniCMS 1.11.
network
low complexity
bg5sbk CWE-352
4.3