Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-25 | CVE-2024-47082 | Cross-Site Request Forgery (CSRF) vulnerability in Strawberryrocks Strawberry Strawberry GraphQL is a library for creating GraphQL APIs. | 8.0 |
| 2024-09-25 | CVE-2024-47305 | Cross-Site Request Forgery (CSRF) vulnerability in Dineshkarki USE ANY Font Cross-Site Request Forgery (CSRF) vulnerability in Dnesscarkey Use Any Font allows Cross Site Request Forgery.This issue affects Use Any Font: from n/a through 6.3.08. | 8.8 |
| 2024-09-25 | CVE-2024-47315 | Cross-Site Request Forgery (CSRF) vulnerability in Givewp Cross-Site Request Forgery (CSRF) vulnerability in GiveWP.This issue affects GiveWP: from n/a through 3.15.1. | 8.8 |
| 2024-09-25 | CVE-2024-20414 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS XE A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system through the web UI. This vulnerability is due to incorrectly accepting configuration changes through the HTTP GET method. | 6.5 |
| 2024-09-25 | CVE-2024-20437 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS XE A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a cross-site request forgery (CSRF) attack and execute commands on the CLI of an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. | 8.8 |
| 2024-09-25 | CVE-2024-7892 | Cross-Site Request Forgery (CSRF) vulnerability in Vladyslavbondarenko Adstxt The adstxt Plugin WordPress plugin through 1.0.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | 4.3 |
| 2024-09-25 | CVE-2024-7386 | The Premium Packages – Sell Digital Products Securely plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.9.1. | 4.3 |
| 2024-09-25 | CVE-2024-8476 | Cross-Site Request Forgery (CSRF) vulnerability in Wpplugin Easy Paypal Events The Easy PayPal Events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. | 4.3 |
| 2024-09-24 | CVE-2024-8795 | Cross-Site Request Forgery (CSRF) vulnerability in Ba-Booking BA Book Everything The BA Book Everything plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.20. | 8.8 |
| 2024-09-19 | CVE-2024-46394 | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/?/user/add | 8.8 |