Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-25 | CVE-2024-20414 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS XE A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system through the web UI. This vulnerability is due to incorrectly accepting configuration changes through the HTTP GET method. | 6.5 |
| 2024-09-25 | CVE-2024-20437 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS XE A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a cross-site request forgery (CSRF) attack and execute commands on the CLI of an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. | 8.8 |
| 2024-09-25 | CVE-2024-7892 | Cross-Site Request Forgery (CSRF) vulnerability in Vladyslavbondarenko Adstxt The adstxt Plugin WordPress plugin through 1.0.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | 4.3 |
| 2024-09-25 | CVE-2024-7386 | The Premium Packages – Sell Digital Products Securely plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.9.1. | 4.3 |
| 2024-09-25 | CVE-2024-8476 | Cross-Site Request Forgery (CSRF) vulnerability in Wpplugin Easy Paypal Events The Easy PayPal Events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. | 4.3 |
| 2024-09-24 | CVE-2024-8795 | Cross-Site Request Forgery (CSRF) vulnerability in Ba-Booking BA Book Everything The BA Book Everything plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.20. | 8.8 |
| 2024-09-19 | CVE-2024-46394 | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/?/user/add | 8.8 |
| 2024-09-18 | CVE-2024-46086 | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/delete/123 | 8.8 |
| 2024-09-17 | CVE-2024-44064 | Cross-Site Request Forgery (CSRF) vulnerability in Likebtn Like Button Rating Cross-Site Request Forgery (CSRF) vulnerability in LikeBtn Like Button Rating allows Cross-Site Scripting (XSS).This issue affects Like Button Rating: from n/a through 2.6.54. | 6.1 |
| 2024-09-17 | CVE-2024-8490 | Cross-Site Request Forgery (CSRF) vulnerability in Wp-Property-Hive Propertyhive The PropertyHive plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.19. | 6.5 |