Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-11 | CVE-2020-35135 | Cross-Site Request Forgery (CSRF) vulnerability in Infolific Ultimate Category Excluder The ultimate-category-excluder plugin before 1.2 for WordPress allows ultimate-category-excluder.php CSRF. | 8.8 |
| 2020-12-03 | CVE-2020-2321 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Shelve Project A cross-site request forgery (CSRF) vulnerability in Jenkins Shelve Project Plugin 3.0 and earlier allows attackers to shelve, unshelve, or delete a project. | 8.1 |
| 2020-12-02 | CVE-2020-14369 | Cross-Site Request Forgery (CSRF) vulnerability in Redhat Cloudforms This release fixes a Cross Site Request Forgery vulnerability was found in Red Hat CloudForms which forces end users to execute unwanted actions on a web application in which the user is currently authenticated. | 6.3 |
| 2020-12-02 | CVE-2020-29458 | Cross-Site Request Forgery (CSRF) vulnerability in Textpattern 4.6.2 Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem. | 8.8 |
| 2020-11-30 | CVE-2020-4127 | Cross-Site Request Forgery (CSRF) vulnerability in Hcltech HCL Domino 10.0.1/9.0.1 HCL Domino is susceptible to a Login CSRF vulnerability. | 6.5 |
| 2020-11-30 | CVE-2020-17901 | Cross-Site Request Forgery (CSRF) vulnerability in Pbootcms 1.3.2 Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows attackers to change the password of a user. | 6.5 |
| 2020-11-27 | CVE-2020-7780 | Cross-Site Request Forgery (CSRF) vulnerability in Softwaremill Akka-Http-Session This affects the package com.softwaremill.akka-http-session:core_2.13 before 0.5.11; the package com.softwaremill.akka-http-session:core_2.12 before 0.5.11; the package com.softwaremill.akka-http-session:core_2.11 before 0.5.11. | 8.8 |
| 2020-11-26 | CVE-2020-26936 | Cross-Site Request Forgery (CSRF) vulnerability in Cloudera Data Engineering Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack. | 8.8 |
| 2020-11-24 | CVE-2020-13620 | Cross-Site Request Forgery (CSRF) vulnerability in Fastweb Fastgate Gpon Fga2130Fwb Firmware 18.3.N.0482Fw233Fga2130/20200526 Fastweb FASTGate GPON FGA2130FWB devices through 2020-05-26 allow CSRF via the router administration web panel, leading to an attacker's ability to perform administrative actions such as modifying the configuration. | 8.8 |
| 2020-11-24 | CVE-2020-25472 | Cross-Site Request Forgery (CSRF) vulnerability in Newsscriptphp News Script PHP PRO 2.3 SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Request Forgery (CSRF) vulnerability, which allows attackers to add new users. | 6.5 |