Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2022-06-10 CVE-2021-44117 Cross-Site Request Forgery (CSRF) vulnerability in Thedaylightstudio Fuel CMS 1.5.0
A Cross Site Request Forgery (CSRF) vulnerability exists in TheDayLightStudio Fuel CMS 1.5.0 via a POST call to /fuel/sitevariables/delete/4.
network
low complexity
thedaylightstudio CWE-352
8.8
8.8
2022-06-09 CVE-2017-20020 Cross-Site Request Forgery (CSRF) vulnerability in Solar-Log products
A vulnerability, which was classified as problematic, has been found in Solare Solar-Log 2.8.4-56/3.5.2-85.
network
low complexity
solar-log CWE-352
8.8
8.8
2022-06-09 CVE-2022-30898 Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.2
A Cross-site request forgery (CSRF) vulnerability in Cscms music portal system v4.2 allows remote attackers to change the administrator's username and password.
network
low complexity
chshcms CWE-352
6.5
6.5
2022-06-09 CVE-2019-25064 Cross-Site Request Forgery (CSRF) vulnerability in Theaccessgroup Corehr Core Portal
A vulnerability was found in CoreHR Core Portal up to 27.0.7.
network
low complexity
theaccessgroup CWE-352
8.8
8.8
2022-06-08 CVE-2022-1577 Cross-Site Request Forgery (CSRF) vulnerability in Deliciousbrains Database Backup
The Database Backup for WordPress plugin before 2.5.2 does not have CSRF check in place when updating the schedule backup settings, which could allow an attacker to make a logged in admin change them via a CSRF attack.
network
low complexity
deliciousbrains CWE-352
5.4
5.4
2022-06-08 CVE-2022-1695 Cross-Site Request Forgery (CSRF) vulnerability in Tipsandtricks-Hq WP Simple Adsense Insertion
The WP Simple Adsense Insertion WordPress plugin before 2.1 does not perform CSRF checks on updates to its admin page, allowing an attacker to trick a logged in user to manipulate ads and inject arbitrary javascript via submitting a form.
network
low complexity
tipsandtricks-hq CWE-352
4.3
4.3
2022-06-07 CVE-2020-36534 Cross-Site Request Forgery (CSRF) vulnerability in Easyiicms
A vulnerability was found in easyii CMS.
network
low complexity
easyiicms CWE-352
6.5
6.5
2022-06-02 CVE-2020-20971 Cross-Site Request Forgery (CSRF) vulnerability in Pbootcms 2.0.3
Cross Site Request Forgery (CSRF) vulnerability in PbootCMS v2.0.3 via /admin.php?p=/User/index.
network
low complexity
pbootcms CWE-352
8.8
8.8
2022-06-02 CVE-2021-36890 Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Social Share Buttons
Cross-Site Request Forgery (CSRF) vulnerability in Social Share Buttons by Supsystic plugin <= 2.2.2 at WordPress.
network
low complexity
supsystic CWE-352
4.3
4.3
2022-06-02 CVE-2022-29647 Cross-Site Request Forgery (CSRF) vulnerability in Mingsoft Mcms 5.2.7
An issue was discovered in MCMS 5.2.7.
network
low complexity
mingsoft CWE-352
8.8
8.8