VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Cross-Site Request Forgery (CSRF)
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-04-04
CVE-2025-32280
Cross-Site Request Forgery (CSRF) vulnerability in Wedevs WP Project Manager
Cross-Site Request Forgery (CSRF) vulnerability in weDevs WP Project Manager allows Cross Site Request Forgery.
network
low complexity
wedevs
CWE-352
8.8
8.8
2025-04-04
CVE-2025-2797
The Woffice Core plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.4.21.
network
low complexity
CWE-352
5.4
5.4
2025-04-02
CVE-2024-56474
IBM TXSeries for Multiplatforms 9.1 and 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
CWE-352
4.3
4.3
2025-04-02
CVE-2025-3099
The Advanced Search by My Solr Server plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.5.
network
low complexity
CWE-352
6.1
6.1
2025-03-26
CVE-2025-20228
In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF).
network
low complexity
CWE-352
6.5
6.5
2025-03-25
CVE-2024-13710
The Estatebud – Properties & Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.5.0.
network
low complexity
CWE-352
4.3
4.3
2025-03-25
CVE-2025-2319
The EZ SQL Reports Shortcode Widget and DB Backup plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 4.11.13 to 5.25.08.
network
low complexity
CWE-352
8.8
8.8
2025-03-25
CVE-2025-1320
The teachPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.0.9.
network
low complexity
CWE-352
4.3
4.3
2025-03-22
CVE-2024-13768
The CITS Support svg, webp Media and TTF,OTF File Upload, Use Custom Fonts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.
network
low complexity
CWE-352
4.3
4.3
2025-03-22
CVE-2025-0807
The CITS Support svg, webp Media and TTF,OTF File Upload, Use Custom Fonts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.
network
low complexity
CWE-352
4.3
4.3
«
Previous
1
2
(current)
3
4
5
...
349
350
»
Next