Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2024-12-13 CVE-2024-12572 The Hello In All Languages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.6.
network
low complexity
CWE-352
6.1
2024-12-12 CVE-2024-12526 The Arena.IM – Live Blogging for real-time events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.3.0.
network
low complexity
CWE-352
4.3
2024-12-12 CVE-2024-11417 The dejure.org Vernetzungsfunktion plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.97.5.
network
low complexity
CWE-352
6.1
2024-12-12 CVE-2024-11419 The Password for WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.
network
low complexity
CWE-352
6.1
2024-12-12 CVE-2024-11689 The HQ Rental Software plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.29.
network
low complexity
CWE-352
8.8
2024-12-11 CVE-2024-12004 The WPC Order Notes for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.2.
network
low complexity
CWE-352
6.1
2024-12-09 CVE-2024-12349 Cross-Site Request Forgery (CSRF) vulnerability in Jwillber Jfinalcms 1.0
A vulnerability was found in JFinalCMS 1.0.
network
low complexity
jwillber CWE-352
8.8
2024-12-07 CVE-2024-12115 The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.5.4.
network
low complexity
CWE-352
4.3
2024-12-06 CVE-2024-11336 The Clickbank WordPress Plugin (Storefront) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.
network
low complexity
CWE-352
6.1
2024-12-06 CVE-2024-11444 The CLUEVO LMS, E-Learning Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.13.2.
network
low complexity
CWE-352
4.3