Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-06 | CVE-2020-36174 | Cross-Site Request Forgery (CSRF) vulnerability in Ninjaforms Ninja Forms The Ninja Forms plugin before 3.4.27.1 for WordPress allows CSRF via services integration. | 6.5 |
| 2021-01-05 | CVE-2020-7336 | Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Network Security Management 10.0/10.1.7.7/9.0 Cross Site Request Forgery vulnerability in McAfee Network Security Management (NSM) prior to 10.1.7.35 and NSM 9.x prior to 9.2.9.55 may allow an attacker to change the configuration of the Network Security Manager via a carefully crafted HTTP request. | 6.5 |
| 2021-01-04 | CVE-2020-4942 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Curam Social Program Management 7.0.11.0/7.0.9.0 IBM Curam Social Program Management 7.0.9 and 7.0.11 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2021-01-04 | CVE-2020-4917 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Cloud PAK System IBM Cloud Pak System 2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2021-01-04 | CVE-2021-21495 | Cross-Site Request Forgery (CSRF) vulnerability in Mk-Auth 19.01 MK-AUTH through 19.01 K4.9 allows CSRF for password changes via the central/executar_central.php?acao=altsenha_princ URI. | 8.8 |
| 2021-01-01 | CVE-2020-35950 | Cross-Site Request Forgery (CSRF) vulnerability in Xcloner An issue was discovered in the XCloner Backup and Restore plugin before 4.2.153 for WordPress. | 8.8 |
| 2020-12-31 | CVE-2018-16795 | Cross-Site Request Forgery (CSRF) vulnerability in Open-Emr Openemr 5.0.1.3 OpenEMR 5.0.1.3 allows Cross-Site Request Forgery (CSRF) via library/ajax and interface/super, as demonstrated by use of interface/super/manage_site_files.php to upload a .php file. | 8.8 |
| 2020-12-30 | CVE-2020-35778 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Gs716T Firmware and Gs724T Firmware Certain NETGEAR devices are affected by CSRF. | 8.8 |
| 2020-12-29 | CVE-2020-35773 | Cross-Site Request Forgery (CSRF) vulnerability in Freehtmldesigns Site Offline The site-offline plugin before 1.4.4 for WordPress lacks certain wp_create_nonce and wp_verify_nonce calls, aka CSRF. | 8.8 |
| 2020-12-28 | CVE-2020-35615 | Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla! An issue was discovered in Joomla! 2.5.0 through 3.9.22. | 6.3 |