Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-29 | CVE-2020-35773 | Cross-Site Request Forgery (CSRF) vulnerability in Freehtmldesigns Site Offline The site-offline plugin before 1.4.4 for WordPress lacks certain wp_create_nonce and wp_verify_nonce calls, aka CSRF. | 8.8 |
| 2020-12-28 | CVE-2020-35615 | Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla! An issue was discovered in Joomla! 2.5.0 through 3.9.22. | 6.3 |
| 2020-12-28 | CVE-2020-26033 | Cross-Site Request Forgery (CSRF) vulnerability in Zammad An issue was discovered in Zammad before 3.4.1. | 5.4 |
| 2020-12-26 | CVE-2020-35347 | Cross-Site Request Forgery (CSRF) vulnerability in Cxuu Cxuucms 3.1 CXUUCMS V3 3.1 has a CSRF vulnerability that can add an administrator account via admin.php?c=adminuser&a=add. | 6.5 |
| 2020-12-26 | CVE-2020-26766 | Cross-Site Request Forgery (CSRF) vulnerability in User Registration & Login and User Management System With Admin Panel Project User Registration & Login and User Management System With Admin Panel 2.1 A Cross Site Request Forgery (CSRF) vulnerability exists in the loginsystem page in PHPGurukul User Registration & Login and User Management System With Admin Panel 2.1. network low complexity user-registration-login-and-user-management-system-with-admin-panel-project CWE-352 | 8.8 |
| 2020-12-23 | CVE-2020-35269 | Cross-Site Request Forgery (CSRF) vulnerability in Nagios Core 4.2.4 Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross-Site Request Forgery (CSRF) in many functions, like adding – deleting for hosts or servers. | 8.8 |
| 2020-12-21 | CVE-2020-35626 | Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki An issue was discovered in the PushToWatch extension for MediaWiki through 1.35.1. | 8.8 |
| 2020-12-21 | CVE-2020-35273 | Cross-Site Request Forgery (CSRF) vulnerability in Egavilanmedia User Registration & Login System With Admin Panel 1.0 EgavilanMedia User Registration & Login System with Admin Panel 1.0 is affected by Cross Site Request Forgery (CSRF) to remotely gain privileges in the User Profile panel. | 8.0 |
| 2020-12-18 | CVE-2020-7201 | Cross-Site Request Forgery (CSRF) vulnerability in HP products A potential security vulnerability has been identified in the HPE StoreEver MSL2024 Tape Library and HPE StoreEver 1/8 G2 Tape Autoloaders. | 8.8 |
| 2020-12-18 | CVE-2020-4764 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.5 |