Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-07 | CVE-2022-37730 | Cross-Site Request Forgery (CSRF) vulnerability in Ftcms 2.1 In ftcms 2.1, there is a Cross Site Request Forgery (CSRF) vulnerability in the PHP page, which causes the attacker to forge a link to trick him to click on a malicious link or visit a page containing attack code, and send a request to the server (corresponding to the identity authentication information) as the victim without the victim's knowledge. | 8.8 |
| 2022-09-06 | CVE-2022-23679 | Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Aos-Cx AOS-CX lacks Anti-CSRF protections in place for state-changing operations. | 8.8 |
| 2022-09-06 | CVE-2022-23680 | Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Aos-Cx AOS-CX lacks Anti-CSRF protections in place for state-changing operations. | 8.8 |
| 2022-09-06 | CVE-2022-2233 | Cross-Site Request Forgery (CSRF) vulnerability in Banner Cycler Project Banner Cycler 1.4 The Banner Cycler plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.4. | 8.8 |
| 2022-09-06 | CVE-2022-2432 | Cross-Site Request Forgery (CSRF) vulnerability in Lightspeedhq Ecwid Ecommerce Shopping Cart The Ecwid Ecommerce Shopping Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.10.23. | 4.3 |
| 2022-09-06 | CVE-2022-2518 | Cross-Site Request Forgery (CSRF) vulnerability in Berocket Stockists Manager for Woocommerce 1.0.2.1 The Stockists Manager for Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.2.1. | 6.1 |
| 2022-09-06 | CVE-2022-2540 | Cross-Site Request Forgery (CSRF) vulnerability in Link Optimizer Lite Project Link Optimizer Lite 1.4.5 The Link Optimizer Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 1.4.5. | 8.8 |
| 2022-09-06 | CVE-2022-2541 | Cross-Site Request Forgery (CSRF) vulnerability in Summitmediaconcepts Ucontext for Amazon 3.9.1 The uContext for Amazon plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 3.9.1. | 8.8 |
| 2022-09-06 | CVE-2022-2542 | Cross-Site Request Forgery (CSRF) vulnerability in Summitmediaconcepts Ucontext for Clickbank 3.9.1 The uContext for Clickbank plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 3.9.1. | 8.8 |
| 2022-09-01 | CVE-2020-4301 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.5 |