Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2019-08-14 CVE-2019-14216 Cross-Site Request Forgery (CSRF) vulnerability in WP SVG Icons Project WP SVG Icons
An issue was discovered in the svg-vector-icon-plugin (aka WP SVG Icons) plugin through 3.2.1 for WordPress.
network
low complexity
wp-svg-icons-project CWE-352
8.8
8.8
2019-08-14 CVE-2019-10199 Cross-Site Request Forgery (CSRF) vulnerability in Redhat Keycloak
It was found that Keycloak's account console, up to 6.0.1, did not perform adequate header checks in some requests.
network
low complexity
redhat CWE-352
8.8
8.8
2019-08-14 CVE-2018-20968 Cross-Site Request Forgery (CSRF) vulnerability in Smackcoders Ultimate Exporter
The wp-ultimate-exporter plugin before 1.4.2 for WordPress has CSRF.
network
low complexity
smackcoders CWE-352
8.8
8.8
2019-08-14 CVE-2018-20967 Cross-Site Request Forgery (CSRF) vulnerability in Smackcoders Import ALL Pages, Post Types, Products, Orders, and Users AS XML & CSV
The wp-ultimate-csv-importer plugin before 5.6.1 for WordPress has CSRF.
network
low complexity
smackcoders CWE-352
8.8
8.8
2019-08-14 CVE-2017-18513 Cross-Site Request Forgery (CSRF) vulnerability in Expresstech Responsive Menu
The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface.
network
low complexity
expresstech CWE-352
8.8
8.8
2019-08-14 CVE-2017-18512 Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Newsletter BY Supsystic
The newsletter-by-supsystic plugin before 1.1.8 for WordPress has CSRF.
network
low complexity
supsystic CWE-352
8.8
8.8
2019-08-14 CVE-2017-18511 Cross-Site Request Forgery (CSRF) vulnerability in Wpmudev Custom Sidebars
The custom-sidebars plugin before 3.0.8.1 for WordPress has CSRF.
network
low complexity
wpmudev CWE-352
8.8
8.8
2019-08-14 CVE-2017-18510 Cross-Site Request Forgery (CSRF) vulnerability in Wpmudev Custom Sidebars 3.0.8.1
The custom-sidebars plugin before 3.1.0 for WordPress has CSRF related to set location, import actions, and export actions.
network
low complexity
wpmudev CWE-352
8.8
8.8
2019-08-14 CVE-2016-10885 Cross-Site Request Forgery (CSRF) vulnerability in Benjaminrojas WP Editor
The wp-editor plugin before 1.2.6 for WordPress has CSRF.
network
low complexity
benjaminrojas CWE-352
8.8
8.8
2019-08-14 CVE-2016-10884 Cross-Site Request Forgery (CSRF) vulnerability in Simple-Membership-Plugin Simple Membership
The simple-membership plugin before 3.3.3 for WordPress has multiple CSRF issues.
network
low complexity
simple-membership-plugin CWE-352
8.8
8.8