Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2024-08-22 CVE-2024-40886 Cross-Site Request Forgery (CSRF) vulnerability in Mattermost
Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2 fail to sanitize user inputs in the frontend that are used for redirection which allows for a one-click client-side path traversal that is leading to CSRF in User Management page of the system console.
network
low complexity
mattermost CWE-352
8.8
8.8
2024-08-21 CVE-2024-7647 Cross-Site Request Forgery (CSRF) vulnerability in Otasync OTA Sync Booking Engine Widget
The OTA Sync Booking Engine Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.7.
network
low complexity
otasync CWE-352
6.1
6.1
2024-08-20 CVE-2024-42603 Cross-Site Request Forgery (CSRF) vulnerability in Pligg CMS 2.0.2
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=clearall
network
low complexity
pligg CWE-352
8.8
8.8
2024-08-20 CVE-2024-42604 Cross-Site Request Forgery (CSRF) vulnerability in Pligg CMS 2.0.2
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_group.php?mode=delete&group_id=3
network
low complexity
pligg CWE-352
8.8
8.8
2024-08-20 CVE-2024-42605 Cross-Site Request Forgery (CSRF) vulnerability in Pligg CMS 2.0.2
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/edit_page.php?link_id=1
network
low complexity
pligg CWE-352
8.8
8.8
2024-08-20 CVE-2024-42606 Cross-Site Request Forgery (CSRF) vulnerability in Pligg CMS 2.0.2
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_log.php?clear=1
network
low complexity
pligg CWE-352
8.8
8.8
2024-08-20 CVE-2024-42607 Cross-Site Request Forgery (CSRF) vulnerability in Pligg CMS 2.0.2
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=database
network
low complexity
pligg CWE-352
8.8
8.8
2024-08-20 CVE-2024-42609 Cross-Site Request Forgery (CSRF) vulnerability in Pligg CMS 2.0.2
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=avatars
network
low complexity
pligg CWE-352
8.8
8.8
2024-08-20 CVE-2024-42610 Cross-Site Request Forgery (CSRF) vulnerability in Pligg CMS 2.0.2
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=files
network
low complexity
pligg CWE-352
8.8
8.8
2024-08-20 CVE-2024-42611 Cross-Site Request Forgery (CSRF) vulnerability in Pligg CMS 2.0.2
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/admin_page.php?link_id=1&mode=delete
network
low complexity
pligg CWE-352
8.8
8.8