Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2019-08-20 CVE-2015-9332 Cross-Site Request Forgery (CSRF) vulnerability in Wordpress Uninstall Project Wordpress Uninstall 1.0/1.1
The uninstall plugin before 1.2 for WordPress has CSRF to delete all tables via the wp-admin/admin-ajax.php?action=uninstall URI.
5.8
2019-08-20 CVE-2014-10381 Cross-Site Request Forgery (CSRF) vulnerability in User Domain Whitelist Project User Domain Whitelist
The user-domain-whitelist plugin before 1.5 for WordPress has CSRF.
6.8
2019-08-20 CVE-2011-5328 Cross-Site Request Forgery (CSRF) vulnerability in User Access Manager Project User Access Manager
The user-access-manager plugin before 1.2 for WordPress has CSRF.
6.8
2019-08-20 CVE-2019-15229 Cross-Site Request Forgery (CSRF) vulnerability in Thedaylightstudio Fuel CMS
FUEL CMS 1.4.4 has CSRF in the blocks/create/ Create Blocks section of the Admin console.
6.8
2019-08-19 CVE-2019-15150 Cross-Site Request Forgery (CSRF) vulnerability in Schine.Games Mw-Oauth2Client 0.2/0.3
In the OAuth2 Client extension before 0.4 for MediaWiki, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function.
network
low complexity
schine-games CWE-352
8.8
2019-08-16 CVE-2019-15115 Cross-Site Request Forgery (CSRF) vulnerability in Profilepress Loginwp
The peters-login-redirect plugin before 2.9.2 for WordPress has CSRF.
6.8
2019-08-16 CVE-2019-15114 Cross-Site Request Forgery (CSRF) vulnerability in Ncrafts Formcraft
The formcraft-form-builder plugin before 1.2.2 for WordPress has CSRF.
network
ncrafts CWE-352
6.8
2019-08-16 CVE-2019-15113 Cross-Site Request Forgery (CSRF) vulnerability in Codeermeneer Companion Sitemap Generator
The companion-sitemap-generator plugin before 3.7.0 for WordPress has CSRF.
6.8
2019-08-16 CVE-2018-20974 Cross-Site Request Forgery (CSRF) vulnerability in Joomsky JS JOB Manager
The js-jobs plugin before 1.0.7 for WordPress has CSRF.
network
joomsky CWE-352
6.8
2019-08-16 CVE-2018-20972 Cross-Site Request Forgery (CSRF) vulnerability in Codeermeneer Companion Auto Update
The companion-auto-update plugin before 3.2.1 for WordPress has CSRF.
6.8