Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-16 | CVE-2022-30327 | Cross-Site Request Forgery (CSRF) vulnerability in Trendnet Tew-831Dr Firmware 1.0601.130.1.1356 An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. | 6.5 |
| 2022-06-16 | CVE-2022-30328 | Cross-Site Request Forgery (CSRF) vulnerability in Trendnet Tew-831Dr Firmware 1.0601.130.1.1356 An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. | 6.5 |
| 2022-06-16 | CVE-2022-26173 | Cross-Site Request Forgery (CSRF) vulnerability in Jforum 2.8.0 JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via http://target_host:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts. | 8.8 |
| 2022-06-16 | CVE-2022-31294 | Cross-Site Request Forgery (CSRF) vulnerability in Razormist Online Discussion Forum Site 1.0 An issue in the save_users() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily create or update user accounts. | 6.5 |
| 2022-06-16 | CVE-2017-20053 | Cross-Site Request Forgery (CSRF) vulnerability in Xyzscripts Contact Form Manager A vulnerability was found in XYZScripts Contact Form Manager Plugin. | 4.3 |
| 2022-06-14 | CVE-2022-30930 | Cross-Site Request Forgery (CSRF) vulnerability in PHPgurukul Tourism Management System 3.2 Tourism Management System Version: V 3.2 is affected by: Cross Site Request Forgery (CSRF). | 4.3 |
| 2022-06-14 | CVE-2022-30931 | Cross-Site Request Forgery (CSRF) vulnerability in Employee Leaves Management System Project Employee Leaves Management System 2.1 Employee Leaves Management System (ELMS) V 2.1 is vulnerable to Cross Site Request Forgery (CSRF) via /myprofile.php. | 6.5 |
| 2022-06-13 | CVE-2022-1749 | Cross-Site Request Forgery (CSRF) vulnerability in Wpmk Ajax Finder Project Wpmk Ajax Finder 1.0.1 The WPMK Ajax Finder WordPress plugin is vulnerable to Cross-Site Request Forgery via the createplugin_atf_admin_setting_page() function found in the ~/inc/config/create-plugin-config.php file due to a missing nonce check which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.1. | 8.8 |
| 2022-06-13 | CVE-2022-1969 | Cross-Site Request Forgery (CSRF) vulnerability in Script Mobile Browser Color Select 1.0.1 The Mobile browser color select plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. | 8.8 |
| 2022-06-13 | CVE-2022-1763 | Cross-Site Request Forgery (CSRF) vulnerability in Static Page Extended Project Static Page Extended 2.1 Due to missing checks the Static Page eXtended WordPress plugin through 2.1 is vulnerable to CSRF attacks which allows changing the plugin settings, including required user levels for specific features. | 5.4 |