Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2022-09-06 CVE-2022-2542 Cross-Site Request Forgery (CSRF) vulnerability in Summitmediaconcepts Ucontext for Clickbank 3.9.1
The uContext for Clickbank plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 3.9.1.
network
low complexity
summitmediaconcepts CWE-352
8.8
2022-09-01 CVE-2020-4301 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm netapp CWE-352
6.5
2022-09-01 CVE-2021-20468 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm netapp CWE-352
6.5
2022-09-01 CVE-2021-29823 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm netapp CWE-352
6.5
2022-08-26 CVE-2022-36546 Cross-Site Request Forgery (CSRF) vulnerability in Edoc-Doctor-Appointment-System Project Edoc-Doctor-Appointment-System 1.0.1
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a Cross-Site Request Forgery (CSRF) via /patient/settings.php.
8.8
2022-08-26 CVE-2022-31773 Cross-Site Request Forgery (CSRF) vulnerability in IBM Datapower Gateway 10.0.2.0
IBM DataPower Gateway V10CD, 10.0.1, and 2018.4.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
2022-08-26 CVE-2021-39394 Cross-Site Request Forgery (CSRF) vulnerability in Mm-Wiki Project Mm-Wiki 0.2.1
mm-wiki v0.2.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add user accounts and modify user information.
network
low complexity
mm-wiki-project CWE-352
6.5
2022-08-24 CVE-2018-14519 Cross-Site Request Forgery (CSRF) vulnerability in Getkirby Kirby 2.5.12
An issue was discovered in Kirby 2.5.12.
network
low complexity
getkirby CWE-352
4.3
2022-08-23 CVE-2022-36288 Cross-Site Request Forgery (CSRF) vulnerability in W3Eden Download Manager
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in W3 Eden Download Manager plugin <= 3.2.48 at WordPress.
network
low complexity
w3eden CWE-352
8.8
2022-08-23 CVE-2022-36379 Cross-Site Request Forgery (CSRF) vulnerability in Yookassa Yukassa for Woocommerce
Cross-Site Request Forgery (CSRF) leading to plugin settings update in YooMoney ?Kassa ??? WooCommerce plugin <= 2.3.0 at WordPress.
network
low complexity
yookassa CWE-352
8.8