Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2019-08-30 CVE-2019-15835 Cross-Site Request Forgery (CSRF) vulnerability in WP Better Permalinks Project WP Better Permalinks
The wp-better-permalinks plugin before 3.0.5 for WordPress has CSRF. 		6.8
6.8
2019-08-30 CVE-2019-15834 Cross-Site Request Forgery (CSRF) vulnerability in Webp Converter FOR Media Project Webp Converter for Media 1.0.0/1.0.1/1.0.2
The webp-converter-for-media plugin before 1.0.3 for WordPress has CSRF. 		6.8
6.8
2019-08-30 CVE-2019-15832 Cross-Site Request Forgery (CSRF) vulnerability in Wp-Buy Visitor Traffic Real Time Statistics
The visitors-traffic-real-time-statistics plugin before 1.13 for WordPress has CSRF.
network
wp-buy CWE-352
6.8
6.8
2019-08-30 CVE-2019-15831 Cross-Site Request Forgery (CSRF) vulnerability in Wp-Buy Visitor Traffic Real Time Statistics
The visitors-traffic-real-time-statistics plugin before 1.12 for WordPress has CSRF in the settings page.
network
wp-buy CWE-352
6.8
6.8
2019-08-30 CVE-2019-15828 Cross-Site Request Forgery (CSRF) vulnerability in Tribulant ONE Click SSL
The one-click-ssl plugin before 1.4.7 for WordPress has CSRF.
network
tribulant CWE-352
6.8
6.8
2019-08-30 CVE-2015-9380 Cross-Site Request Forgery (CSRF) vulnerability in 10Web Photo Gallery
The photo-gallery plugin before 1.2.42 for WordPress has CSRF.
network
10web CWE-352
6.8
6.8
2019-08-29 CVE-2019-15781 Cross-Site Request Forgery (CSRF) vulnerability in Weblizar Social Likebox & Feed
The facebook-by-weblizar plugin before 2.8.5 for WordPress has CSRF.
network
weblizar CWE-352
6.8
6.8
2019-08-29 CVE-2019-15779 Cross-Site Request Forgery (CSRF) vulnerability in Quadlayers WP Social Feed Gallery
The insta-gallery plugin before 2.4.8 for WordPress has no nonce validation for qligg_dismiss_notice or qligg_form_item_delete. 		6.8
6.8
2019-08-29 CVE-2019-15770 Cross-Site Request Forgery (CSRF) vulnerability in Hallme Woocommerce Address Book
The woo-address-book plugin before 1.6.0 for WordPress has save calls without nonce verification checks.
network
hallme CWE-352
6.8
6.8
2019-08-29 CVE-2019-15769 Cross-Site Request Forgery (CSRF) vulnerability in Haktansuren Handl UTM Grabber
The handl-utm-grabber plugin before 2.6.5 for WordPress has CSRF via add_option and update_option. 		6.8
6.8