Vulnerabilities > Cross-Site Request Forgery (CSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-08 | CVE-2024-6856 | Cross-Site Request Forgery (CSRF) vulnerability in Ngothang WP Multitasking The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | 4.3 |
2024-09-08 | CVE-2024-6925 | Cross-Site Request Forgery (CSRF) vulnerability in Themetechmount Truebooker The TrueBooker WordPress plugin before 1.0.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. | 4.3 |
2024-09-04 | CVE-2024-8414 | Cross-Site Request Forgery (CSRF) vulnerability in Munyweki Insurance Management System 1.0 A vulnerability has been found in SourceCodester Insurance Management System 1.0 and classified as problematic. | 4.3 |
2024-09-02 | CVE-2024-7690 | Cross-Site Request Forgery (CSRF) vulnerability in Digireturn DN Popup The DN Popup WordPress plugin through 1.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | 4.3 |
2024-09-02 | CVE-2024-45269 | Cross-Site Request Forgery (CSRF) vulnerability in Majeedraza Carousel Slider WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Carousel image selection feature. | 4.3 |
2024-09-02 | CVE-2024-45270 | Cross-Site Request Forgery (CSRF) vulnerability in Majeedraza Carousel Slider WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Hero image selection feature. | 4.3 |
2024-08-30 | CVE-2024-8319 | Cross-Site Request Forgery (CSRF) vulnerability in Themeific Tourfic The Tourfic plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.11.20. | 4.3 |
2024-08-29 | CVE-2024-43947 | Cross-Site Request Forgery (CSRF) vulnerability in Dineshkarki WP Armour Extended Cross-Site Request Forgery (CSRF) vulnerability in Dinesh Karki WP Armour Extended.This issue affects WP Armour Extended: from n/a through 1.26. | 4.3 |
2024-08-28 | CVE-2024-42793 | Cross-Site Request Forgery (CSRF) vulnerability in Lopalopa Music Management System 1.0 A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System v1.0 via a crafted request to the /music/ajax.php?action=save_user page. | 8.0 |
2024-08-27 | CVE-2024-45264 | Cross-Site Request Forgery (CSRF) vulnerability in Skyss Arfa-Cms A cross-site request forgery (CSRF) vulnerability in the admin panel in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to add a new administrator, leading to escalation of privileges. | 8.8 |