Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-15 | CVE-2022-27214 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Release Helper A cross-site request forgery (CSRF) vulnerability in Jenkins Release Helper Plugin 1.3.3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials. | 4.3 |
| 2022-03-14 | CVE-2022-22346 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Spectrum Protect Operations Center IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2022-03-14 | CVE-2022-22348 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Spectrum Protect Operations Center IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse tabnabbing where it could allow a page linked to from within Operations Center to rewrite it. | 2.4 |
| 2022-03-13 | CVE-2021-45886 | Cross-Site Request Forgery (CSRF) vulnerability in Ponton X/P Messenger 3.10.0/3.8.0 An issue was discovered in PONTON X/P Messenger before 3.11.2. | 8.8 |
| 2022-03-11 | CVE-2022-25600 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Cross-Site Request Forgery (CSRF) vulnerability affecting Delete Marker Category, Delete Map, and Copy Map functions in WP Google Map plugin (versions <= 4.2.3). | 8.8 |
| 2022-03-07 | CVE-2021-25098 | Cross-Site Request Forgery (CSRF) vulnerability in Fatcatapps Easy Pricing Tables The Pricing Tables WordPress Plugin WordPress plugin before 3.1.3 does not verify the CSRF nonce when removing posts, allowing attackers to make a logged in admin remove arbitrary posts from the blog via a CSRF attack, which will be put in the trash | 6.5 |
| 2022-03-07 | CVE-2022-0445 | Cross-Site Request Forgery (CSRF) vulnerability in Devowl Wordpress Real Cookie Banner The WordPress Real Cookie Banner: GDPR (DSGVO) & ePrivacy Cookie Consent WordPress plugin before 2.14.2 does not have CSRF checks in place when resetting its settings, allowing attackers to make a logged in admin reset them via a CSRF attack | 6.5 |
| 2022-03-04 | CVE-2020-18326 | Cross-Site Request Forgery (CSRF) vulnerability in Intelliants Subrion CMS 4.2.1 Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user. | 8.8 |
| 2022-03-04 | CVE-2021-44321 | Cross-Site Request Forgery (CSRF) vulnerability in Mini-Inventory-And-Sales-Management-System Project Mini-Inventory-And-Sales-Management-System 1.0 Mini-Inventory-and-Sales-Management-System is affected by Cross Site Request Forgery (CSRF), where an attacker can update/delete items in the inventory. | 5.0 |
| 2022-03-03 | CVE-2022-23052 | Cross-Site Request Forgery (CSRF) vulnerability in Petereport Project Petereport 0.5 PeteReport Version 0.5 contains a Cross Site Request Forgery (CSRF) vulnerability allowing an attacker to trick users into deleting users, products, reports and findings on the application. | 6.5 |