Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-02 | CVE-2020-20971 | Cross-Site Request Forgery (CSRF) vulnerability in Pbootcms 2.0.3 Cross Site Request Forgery (CSRF) vulnerability in PbootCMS v2.0.3 via /admin.php?p=/User/index. | 8.8 |
| 2022-06-02 | CVE-2021-36890 | Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Social Share Buttons Cross-Site Request Forgery (CSRF) vulnerability in Social Share Buttons by Supsystic plugin <= 2.2.2 at WordPress. | 4.3 |
| 2022-06-02 | CVE-2022-29647 | Cross-Site Request Forgery (CSRF) vulnerability in Mingsoft Mcms 5.2.7 An issue was discovered in MCMS 5.2.7. | 8.8 |
| 2022-06-02 | CVE-2022-29735 | Cross-Site Request Forgery (CSRF) vulnerability in Deltacontrols Entelitouch Firmware 3.33.4005/3.40.3706/3.40.3935 Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 allows attackers to execute arbitrary commands via a crafted HTTP request. | 8.8 |
| 2022-05-31 | CVE-2022-22361 | Cross-Site Request Forgery (CSRF) vulnerability in IBM products IBM Business Automation Workflow traditional 21.0.1 through 21.0.3, 20.0.0.1 through 20.0.0.2, 19.0.0.1 through 19.0.0.3, 18.0.0.0 through 18.0.0.1, IBM Business Automation Workflow containers V21.0.1 - V21.0.3 20.0.0.1 through 20.0.0.2, IBM Business Process Manager 8.6.0.0 through 8.6.0.201803, and 8.5.0.0 through 8.5.0.201706 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.5 |
| 2022-05-26 | CVE-2021-34360 | Cross-Site Request Forgery (CSRF) vulnerability in Qnap NAS Proxy Server A cross-site request forgery (CSRF) vulnerability has been reported to affect QNAP device running Proxy Server. | 8.8 |
| 2022-05-23 | CVE-2022-29002 | Cross-Site Request Forgery (CSRF) vulnerability in Xuxueli Xxl-Job 2.3.0 A Cross-Site Request Forgery (CSRF) in XXL-Job v2.3.0 allows attackers to arbitrarily create administrator accounts via the component /gaia-job-admin/user/add. | 8.8 |
| 2022-05-23 | CVE-2022-30014 | Cross-Site Request Forgery (CSRF) vulnerability in Simple Food Website Project Simple Food Website 1.0 Lumidek Associates Simple Food Website 1.0 is vulnerable to Cross Site Request Forgery (CSRF) which allows anyone to takeover admin/moderater account. | 8.8 |
| 2022-05-20 | CVE-2022-29431 | Cross-Site Request Forgery (CSRF) vulnerability in Kubiq CPT Base Cross-Site Request Forgery (CSRF) vulnerability in KubiQ CPT base plugin <= 5.8 at WordPress allows an attacker to delete the CPT base. | 5.4 |
| 2022-05-20 | CVE-2022-28992 | Cross-Site Request Forgery (CSRF) vulnerability in PHPgurukul Online Banquet Booking System 1.0 A Cross-Site Request Forgery (CSRF) in Online Banquet Booking System v1.0 allows attackers to change admin credentials via a crafted POST request. | 8.8 |