Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2019-09-13 CVE-2016-10944 Cross-Site Request Forgery (CSRF) vulnerability in Wpmaz Multisite Post Duplicator
The multisite-post-duplicator plugin before 1.1.3 for WordPress has wp-admin/tools.php?page=mpd CSRF.
network
low complexity
wpmaz CWE-352
8.8
8.8
2019-09-13 CVE-2016-10938 Cross-Site Request Forgery (CSRF) vulnerability in Copy-Me Project Copy-Me 1.0.0
The copy-me plugin 1.0.0 for WordPress has CSRF for copying non-public posts to a public location.
network
low complexity
copy-me-project CWE-352
6.5
6.5
2019-09-12 CVE-2019-5993 Cross-Site Request Forgery (CSRF) vulnerability in Tipsandtricks-Hq Category Specific RSS Feed Subscription
Cross-site request forgery (CSRF) vulnerability in Category Specific RSS feed Subscription version v2.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
network
low complexity
tipsandtricks-hq CWE-352
8.8
8.8
2019-09-12 CVE-2019-5992 Cross-Site Request Forgery (CSRF) vulnerability in Ultra-Prod Wordpress Ultra Simple Paypal Shopping Cart
Cross-site request forgery (CSRF) vulnerability in WordPress Ultra Simple Paypal Shopping Cart v4.4 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
network
low complexity
ultra-prod CWE-352
8.8
8.8
2019-09-12 CVE-2019-5986 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Cross-site request forgery (CSRF) vulnerability in Hikari Denwa router/Home GateWay (Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver.
network
low complexity
ntt-east ntt-west CWE-352
8.8
8.8
2019-09-11 CVE-2019-1261 Cross-Site Request Forgery (CSRF) vulnerability in Microsoft products
A spoofing vulnerability exists in Microsoft SharePoint when it improperly handles requests to authorize applications, resulting in cross-site request forgery (CSRF).To exploit this vulnerability, an attacker would need to create a page specifically designed to cause a cross-site request, aka 'Microsoft SharePoint Spoofing Vulnerability'.
network
low complexity
microsoft CWE-352
8.8
8.8
2019-09-11 CVE-2019-1259 Cross-Site Request Forgery (CSRF) vulnerability in Microsoft Sharepoint Foundation 2013
A spoofing vulnerability exists in Microsoft SharePoint when it improperly handles requests to authorize applications, resulting in cross-site request forgery (CSRF).To exploit this vulnerability, an attacker would need to create a page specifically designed to cause a cross-site request, aka 'Microsoft SharePoint Spoofing Vulnerability'.
network
low complexity
microsoft CWE-352
8.8
8.8
2019-09-11 CVE-2019-14998 Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira Server
The Webwork action Cross-Site Request Forgery (CSRF) protection implementation in Jira before version 8.4.0 allows remote attackers to bypass its protection via "cookie tossing" a CSRF cookie from a subdomain of a Jira instance.
network
low complexity
atlassian CWE-352
6.5
6.5
2019-09-10 CVE-2017-18607 Cross-Site Request Forgery (CSRF) vulnerability in Theme-Fusion Avada
The avada theme before 5.1.5 for WordPress has CSRF.
network
low complexity
theme-fusion CWE-352
8.8
8.8
2019-09-09 CVE-2019-10253 Cross-Site Request Forgery (CSRF) vulnerability in Teammatesolutions Teammate+ 21.0.0.0
A Cross-Site Request Forgery (CSRF) vulnerability exists in TeamMate+ 21.0.0.0 that allows a remote attacker to modify application data (upload malicious/forged files on a TeamMate server, or replace existing uploaded files with malicious/forged files).
network
low complexity
teammatesolutions CWE-352
6.5
6.5