Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2024-01-09 CVE-2023-6788 Cross-Site Request Forgery (CSRF) vulnerability in Wpmet Metform Elementor Contact Form Builder
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.1.
network
low complexity
wpmet CWE-352
5.4
5.4
2024-01-08 CVE-2023-52072 Cross-Site Request Forgery (CSRF) vulnerability in Flycms Project Flycms 1.0
FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/userconfig_updagte.
network
low complexity
flycms-project CWE-352
8.8
8.8
2024-01-08 CVE-2023-52073 Cross-Site Request Forgery (CSRF) vulnerability in Flycms Project Flycms 1.0
FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/config_footer_updagte.
network
low complexity
flycms-project CWE-352
8.8
8.8
2024-01-08 CVE-2023-52074 Cross-Site Request Forgery (CSRF) vulnerability in Flycms Project Flycms 1.0
FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component system/site/webconfig_updagte.
network
low complexity
flycms-project CWE-352
8.8
8.8
2024-01-08 CVE-2023-52216 Cross-Site Request Forgery (CSRF) vulnerability in Yevhenkotelnytskyi JS & CSS Script Optimizer
Cross-Site Request Forgery (CSRF) vulnerability in Yevhen Kotelnytskyi JS & CSS Script Optimizer.This issue affects JS & CSS Script Optimizer: from n/a through 0.3.3.
network
low complexity
yevhenkotelnytskyi CWE-352
8.8
8.8
2024-01-08 CVE-2023-52222 Cross-Site Request Forgery (CSRF) vulnerability in Woocommerce
Cross-Site Request Forgery (CSRF) vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 8.2.2.
network
low complexity
woocommerce CWE-352
8.8
8.8
2024-01-08 CVE-2023-6532 Cross-Site Request Forgery (CSRF) vulnerability in Wp-Blogs-Planetarium Project Wp-Blogs-Planetarium 1.0
The WP Blogs' Planetarium WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
network
low complexity
wp-blogs-planetarium-project CWE-352
8.8
8.8
2024-01-08 CVE-2023-6845 Cross-Site Request Forgery (CSRF) vulnerability in Theresehansen Commenttweets 0.6
The CommentTweets WordPress plugin through 0.6 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
network
low complexity
theresehansen CWE-352
8.8
8.8
2024-01-05 CVE-2023-51535 Cross-Site Request Forgery (CSRF) vulnerability in Cleantalk Spam Protection, Antispam, Firewall
Cross-Site Request Forgery (CSRF) vulnerability in ?leanTalk - Anti-Spam Protection Spam protection, Anti-Spam, FireWall by CleanTalk.This issue affects Spam protection, Anti-Spam, FireWall by CleanTalk: from n/a through 6.20.
network
low complexity
cleantalk CWE-352
8.8
8.8
2024-01-05 CVE-2023-51538 Cross-Site Request Forgery (CSRF) vulnerability in Getawesomesupport Awesome Support
Cross-Site Request Forgery (CSRF) vulnerability in Awesome Support Team Awesome Support – WordPress HelpDesk & Support Plugin.This issue affects Awesome Support – WordPress HelpDesk & Support Plugin: from n/a through 6.1.5.
network
low complexity
getawesomesupport CWE-352
8.8
8.8