Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2019-09-26 CVE-2015-9417 Cross-Site Request Forgery (CSRF) vulnerability in Slidervilla Testimonial Slider
The testimonial-slider plugin through 1.2.1 for WordPress has CSRF with resultant XSS.
network
low complexity
slidervilla CWE-352
6.5
6.5
2019-09-26 CVE-2015-9413 Cross-Site Request Forgery (CSRF) vulnerability in Eshop Project Eshop
The eshop plugin through 6.3.13 for WordPress has CSRF with resultant XSS via the wp-admin/admin.php?page=eshop-downloads.php title parameter.
network
low complexity
eshop-project CWE-352
6.5
6.5
2019-09-25 CVE-2015-9409 Cross-Site Request Forgery (CSRF) vulnerability in Alo-Easymail Project Alo-Easymail
The alo-easymail plugin before 2.6.01 for WordPress has CSRF with resultant XSS in pages/alo-easymail-admin-options.php.
network
low complexity
alo-easymail-project CWE-352
6.5
6.5
2019-09-25 CVE-2019-10408 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Project Inheritance
A cross-site request forgery vulnerability in Jenkins Project Inheritance Plugin 2.0.0 and earlier allowed attackers to trigger project generation from templates.
network
low complexity
jenkins CWE-352
4.3
4.3
2019-09-24 CVE-2019-4515 Cross-Site Request Forgery (CSRF) vulnerability in IBM Security KEY Lifecycle Manager
IBM Security Key Lifecycle Manager 3.0 and 3.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
6.5
6.5
2019-09-23 CVE-2019-16721 Cross-Site Request Forgery (CSRF) vulnerability in 5None Nonecms 1.3.0
NoneCMS v1.3 has CSRF in public/index.php/admin/admin/dele.html, as demonstrated by deleting the admin user.
network
low complexity
5none CWE-352
6.5
6.5
2019-09-23 CVE-2019-16706 Cross-Site Request Forgery (CSRF) vulnerability in Kkcms Project Kkcms 1.3
kkcms v1.3 has a CSRF vulnerablity that can add an user account via admin/cms_user_add.php.
network
low complexity
kkcms-project CWE-352
8.8
8.8
2019-09-21 CVE-2019-16678 Cross-Site Request Forgery (CSRF) vulnerability in Yzmcms 5.3
admin/urlrule/add.html in YzmCMS 5.3 allows CSRF with a resultant denial of service by adding a superseding route.
network
low complexity
yzmcms CWE-352
6.5
6.5
2019-09-21 CVE-2019-16677 Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.0
An issue was discovered in idreamsoft iCMS V7.0.
network
low complexity
idreamsoft CWE-352
6.5
6.5
2019-09-21 CVE-2019-16660 Cross-Site Request Forgery (CSRF) vulnerability in Joyplus Project Joyplus 1.6.0
joyplus-cms 1.6.0 has admin_ajax.php?action=savexml&tab=vodplay CSRF.
network
low complexity
joyplus-project CWE-352
8.8
8.8