Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2024-07-30 CVE-2024-7226 Cross-Site Request Forgery (CSRF) vulnerability in Oretnom23 Medicine Tracker System 1.0
A vulnerability was found in SourceCodester Medicine Tracker System 1.0.
network
low complexity
oretnom23 CWE-352
8.8
8.8
2024-07-28 CVE-2024-7169 Cross-Site Request Forgery (CSRF) vulnerability in Oretnom23 School Fees Payment System 1.0
A vulnerability classified as problematic has been found in SourceCodester School Fees Payment System 1.0.
network
low complexity
oretnom23 CWE-352
8.8
8.8
2024-07-28 CVE-2024-7161 Cross-Site Request Forgery (CSRF) vulnerability in Seacms 13.0
A vulnerability classified as problematic was found in SeaCMS 13.0.
network
low complexity
seacms CWE-352
6.5
6.5
2024-07-25 CVE-2024-7106 Cross-Site Request Forgery (CSRF) vulnerability in Denkgroot Spina
A vulnerability classified as problematic was found in Spina CMS 2.18.0.
network
low complexity
denkgroot CWE-352
8.8
8.8
2024-07-24 CVE-2024-7065 Cross-Site Request Forgery (CSRF) vulnerability in Denkgroot Spina
A vulnerability was found in Spina CMS up to 2.18.0.
network
low complexity
denkgroot CWE-352
4.3
4.3
2024-07-24 CVE-2024-3246 Cross-Site Request Forgery (CSRF) vulnerability in Litespeedtech Litespeed Cache
The LiteSpeed Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.2.0.1.
network
low complexity
litespeedtech CWE-352
5.4
5.4
2024-07-24 CVE-2024-6751 Cross-Site Request Forgery (CSRF) vulnerability in Wpwebinfotech Social Auto Poster
The Social Auto Poster plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.3.14.
network
low complexity
wpwebinfotech CWE-352
6.5
6.5
2024-07-22 CVE-2024-6244 Cross-Site Request Forgery (CSRF) vulnerability in Projectzealous PZ Frontend Manager
The PZ Frontend Manager WordPress plugin before 1.0.6 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
network
low complexity
projectzealous CWE-352
8.8
8.8
2024-07-22 CVE-2024-6271 Cross-Site Request Forgery (CSRF) vulnerability in Community Events Project Community Events
The Community Events WordPress plugin before 1.5 does not have CSRF check in place when deleting events, which could allow attackers to make a logged in admin delete arbitrary events via a CSRF attack
network
low complexity
community-events-project CWE-352
5.4
5.4
2024-07-16 CVE-2024-5815 Cross-Site Request Forgery (CSRF) vulnerability in Github Enterprise Server
A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations on a victim-owned repository by exploiting incorrect request types.
network
low complexity
github CWE-352
6.5
6.5