Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2019-09-21 CVE-2019-16659 Cross-Site Request Forgery (CSRF) vulnerability in Tuzicms 2.0.6
TuziCMS 2.0.6 has index.php/manage/link/do_add CSRF.
network
low complexity
tuzicms CWE-352
8.8
8.8
2019-09-21 CVE-2019-16658 Cross-Site Request Forgery (CSRF) vulnerability in Tuzicms 2.0.6
TuziCMS 2.0.6 has index.php/manage/notice/do_add CSRF.
network
low complexity
tuzicms CWE-352
8.8
8.8
2019-09-20 CVE-2018-17789 Cross-Site Request Forgery (CSRF) vulnerability in Prospecta Master Data Online
Prospecta Master Data Online (MDO) allows CSRF.
network
low complexity
prospecta CWE-352
6.5
6.5
2019-09-20 CVE-2015-9408 Cross-Site Request Forgery (CSRF) vulnerability in Cyberseo Xpinner Lite 2.2
The xpinner-lite plugin through 2.2 for WordPress has wp-admin/options-general.php CSRF with resultant XSS.
network
low complexity
cyberseo CWE-352
6.5
6.5
2019-09-20 CVE-2015-9394 Cross-Site Request Forgery (CSRF) vulnerability in Usersultra Users Ultra Membership 1.5.59
The users-ultra plugin before 1.5.63 for WordPress has CSRF via action=package_add_new to wp-admin/admin-ajax.php.
network
low complexity
usersultra CWE-352
8.8
8.8
2019-09-20 CVE-2016-10997 Cross-Site Request Forgery (CSRF) vulnerability in Yourinspirationweb Beauty-Premium 1.0.8
The beauty-premium theme 1.0.8 for WordPress has CSRF with resultant arbitrary file upload in includes/sendmail.php.
network
low complexity
yourinspirationweb CWE-352
6.5
6.5
2019-09-20 CVE-2015-9388 Cross-Site Request Forgery (CSRF) vulnerability in Mtouch Quiz Project Mtouch Quiz
The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/edit.php CSRF with resultant XSS.
network
low complexity
mtouch-quiz-project CWE-352
6.5
6.5
2019-09-20 CVE-2015-9387 Cross-Site Request Forgery (CSRF) vulnerability in Mtouch Quiz Project Mtouch Quiz
The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/options-general.php CSRF.
network
low complexity
mtouch-quiz-project CWE-352
6.5
6.5
2019-09-20 CVE-2019-15089 Cross-Site Request Forgery (CSRF) vulnerability in Prise Adas 1.7.0
An issue was discovered in PRiSE adAS 1.7.0.
network
low complexity
prise CWE-352
8.8
8.8
2019-09-20 CVE-2019-16531 Cross-Site Request Forgery (CSRF) vulnerability in Layerbb
LayerBB before 1.1.4 has multiple CSRF issues, as demonstrated by changing the System Settings via admin/general.php.
network
low complexity
layerbb CWE-352
8.8
8.8