Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2024-09-26 CVE-2024-45987 Cross-Site Request Forgery (CSRF) vulnerability in Online Voting System Project Online Voting System 1.0
Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery (CSRF) via voter.php.
network
low complexity
online-voting-system-project CWE-352
6.5
2024-09-26 CVE-2024-45372 Cross-Site Request Forgery (CSRF) vulnerability in Planex Mzk-Dp300N Firmware
MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability.
network
low complexity
planex CWE-352
6.5
2024-09-25 CVE-2024-47082 Cross-Site Request Forgery (CSRF) vulnerability in Strawberryrocks Strawberry
Strawberry GraphQL is a library for creating GraphQL APIs.
network
low complexity
strawberryrocks CWE-352
8.0
2024-09-25 CVE-2024-47305 Cross-Site Request Forgery (CSRF) vulnerability in Dineshkarki USE ANY Font
Cross-Site Request Forgery (CSRF) vulnerability in Dnesscarkey Use Any Font allows Cross Site Request Forgery.This issue affects Use Any Font: from n/a through 6.3.08.
network
low complexity
dineshkarki CWE-352
8.8
2024-09-25 CVE-2024-47315 Cross-Site Request Forgery (CSRF) vulnerability in Givewp
Cross-Site Request Forgery (CSRF) vulnerability in GiveWP.This issue affects GiveWP: from n/a through 3.15.1.
network
low complexity
givewp CWE-352
8.8
2024-09-25 CVE-2024-20414 Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS XE
A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system through the web UI. This vulnerability is due to incorrectly accepting configuration changes through the HTTP GET method.
network
low complexity
cisco CWE-352
6.5
2024-09-25 CVE-2024-20437 Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS XE
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a cross-site request forgery (CSRF) attack and execute commands on the CLI of an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device.
network
low complexity
cisco CWE-352
8.8
2024-09-25 CVE-2024-7892 Cross-Site Request Forgery (CSRF) vulnerability in Vladyslavbondarenko Adstxt
The adstxt Plugin WordPress plugin through 1.0.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
network
low complexity
vladyslavbondarenko CWE-352
4.3
2024-09-25 CVE-2024-7386 The Premium Packages – Sell Digital Products Securely plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.9.1.
network
low complexity
CWE-352
4.3
2024-09-25 CVE-2024-8476 Cross-Site Request Forgery (CSRF) vulnerability in Wpplugin Easy Paypal Events
The Easy PayPal Events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1.
network
low complexity
wpplugin CWE-352
4.3