Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-17 | CVE-2024-49220 | Cross-Site Request Forgery (CSRF) vulnerability in Cookie-Scanner Cookie Scanner Cross-Site Request Forgery (CSRF) vulnerability in Cookie Scanner – Nikel Schubert Cookie Scanner allows Stored XSS.This issue affects Cookie Scanner: from n/a through 1.1. | 6.1 |
| 2024-10-17 | CVE-2024-49221 | Cross-Site Request Forgery (CSRF) vulnerability in Julianweinert Cslider Cross-Site Request Forgery (CSRF) vulnerability in Julian Weinert // cs&m cSlider allows Stored XSS.This issue affects cSlider: from n/a through 2.4.2. | 6.1 |
| 2024-10-17 | CVE-2024-49223 | Cross-Site Request Forgery (CSRF) vulnerability in Shibulijack CJ Change Howdy Cross-Site Request Forgery (CSRF) vulnerability in Shibu Lijack a.K.A CyberJack CJ Change Howdy allows Stored XSS.This issue affects CJ Change Howdy: from n/a through 3.3.1. | 6.1 |
| 2024-10-17 | CVE-2024-49229 | Cross-Site Request Forgery (CSRF) vulnerability in Arifnezami Better Author BIO Cross-Site Request Forgery (CSRF) vulnerability in Arif Nezami Better Author Bio allows Cross-Site Scripting (XSS).This issue affects Better Author Bio: from n/a through 2.7.10.11. | 6.1 |
| 2024-10-17 | CVE-2024-49237 | Cross-Site Request Forgery (CSRF) vulnerability in Ahmetimamoglu Ahmeti WP Timeline Cross-Site Request Forgery (CSRF) vulnerability in Ahmet Imamoglu Ahmeti Wp Timeline allows Stored XSS.This issue affects Ahmeti Wp Timeline: from n/a through 5.1. | 6.1 |
| 2024-10-17 | CVE-2024-9351 | Cross-Site Request Forgery (CSRF) vulnerability in Wpmudev Forminator Forms The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. | 4.3 |
| 2024-10-17 | CVE-2024-9352 | Cross-Site Request Forgery (CSRF) vulnerability in Wpmudev Forminator Forms The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. | 4.3 |
| 2024-10-16 | CVE-2024-20421 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco ATA 191 Firmware and ATA 192 Firmware A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. | 6.5 |
| 2024-10-16 | CVE-2020-36839 | The WP Lead Plus X plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.99. | 8.3 |
| 2024-10-16 | CVE-2024-8507 | Cross-Site Request Forgery (CSRF) vulnerability in Filemanagerpro File Manager The File Manager Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.3.9. | 8.8 |