Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2019-08-16 CVE-2018-20972 Cross-Site Request Forgery (CSRF) vulnerability in Codeermeneer Companion Auto Update
The companion-auto-update plugin before 3.2.1 for WordPress has CSRF.
network
low complexity
codeermeneer CWE-352
8.8
8.8
2019-08-16 CVE-2018-20971 Cross-Site Request Forgery (CSRF) vulnerability in Churchadminplugin Church Admin
The church-admin plugin before 1.2550 for WordPress has CSRF affecting the upload of a bible reading plan.
network
low complexity
churchadminplugin CWE-352
8.8
8.8
2019-08-16 CVE-2017-18547 Cross-Site Request Forgery (CSRF) vulnerability in Neliosoftware Nelio AB Testing
The nelio-ab-testing plugin before 4.6.4 for WordPress has CSRF in experiment forms.
network
low complexity
neliosoftware CWE-352
8.8
8.8
2019-08-16 CVE-2017-18546 Cross-Site Request Forgery (CSRF) vulnerability in Jayj Quicktag Project Jayj Quicktag
The jayj-quicktag plugin before 1.3.2 for WordPress has CSRF.
network
low complexity
jayj-quicktag-project CWE-352
8.8
8.8
2019-08-16 CVE-2017-18544 Cross-Site Request Forgery (CSRF) vulnerability in Invite Anyone Project Invite Anyone
The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF.
network
low complexity
invite-anyone-project CWE-352
8.8
8.8
2019-08-16 CVE-2015-9322 Cross-Site Request Forgery (CSRF) vulnerability in Erident Custom Login and Dashboard Project Erident Custom Login and Dashboard
The erident-custom-login-and-dashboard plugin before 3.5 for WordPress has CSRF. 		8.8
8.8
2019-08-15 CVE-2019-13516 Cross-Site Request Forgery (CSRF) vulnerability in Osisoft PI web API
In OSIsoft PI Web API and prior, the affected product is vulnerable to a direct attack due to a cross-site request forgery protection setting that has not taken effect.
network
low complexity
osisoft CWE-352
8.8
8.8
2019-08-15 CVE-2018-14668 Cross-Site Request Forgery (CSRF) vulnerability in Yandex Clickhouse
In ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "default_database" fields which led to Cross Protocol Request Forgery Attacks.
network
low complexity
yandex CWE-352
8.8
8.8
2019-08-14 CVE-2019-15062 Cross-Site Request Forgery (CSRF) vulnerability in Dolibarr Erp/Crm 11.0.0
An issue was discovered in Dolibarr 11.0.0-alpha.
network
low complexity
dolibarr CWE-352
8.0
8.0
2019-08-14 CVE-2019-14526 Cross-Site Request Forgery (CSRF) vulnerability in Netgear Mr1100 Firmware 12.05.05.00
An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03.
network
low complexity
netgear CWE-352
8.1
8.1