Vulnerabilities > Cross-Site Request Forgery (CSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-08 | CVE-2023-47020 | Cross-Site Request Forgery (CSRF) vulnerability in Ncratleos Terminal Handler 1.5.1 Multiple Cross-Site Request Forgery (CSRF) chaining in NCR Terminal Handler v.1.5.1 allows privileges to be escalated by an attacker through a crafted request involving user account creation and adding the user to an administrator group. | 8.8 |
2024-02-08 | CVE-2024-0511 | Cross-Site Request Forgery (CSRF) vulnerability in Royal-Elementor-Addons Royal Elementor Addons The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.87. | 4.3 |
2024-02-07 | CVE-2024-20252 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Expressway 14.0/14.0.7/15.0 Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF) attacks that perform arbitrary actions on an affected device. | 8.8 |
2024-02-07 | CVE-2024-20254 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Expressway 14.0/14.0.7/15.0 Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF) attacks that perform arbitrary actions on an affected device. | 8.8 |
2024-02-07 | CVE-2024-20255 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Expressway 14.0/14.0.7/15.0 A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected system. | 7.1 |
2024-02-06 | CVE-2023-38579 | Cross-Site Request Forgery (CSRF) vulnerability in Westermo L206-F2G Firmware 4.24 The cross-site request forgery token in the request may be predictable or easily guessable allowing attackers to craft a malicious request, which could be triggered by a victim unknowingly. | 8.8 |
2024-02-06 | CVE-2024-24593 | Cross-Site Request Forgery (CSRF) vulnerability in Clear Clearml 0.17.0/1.14.1/1.4.0 A cross-site request forgery (CSRF) vulnerability in all versions up to 1.14.1 of the api server component of Allegro AI’s ClearML platform allows a remote attacker to impersonate a user by sending API requests via maliciously crafted html. | 8.8 |
2024-02-05 | CVE-2024-0373 | Cross-Site Request Forgery (CSRF) vulnerability in Formviewswp Views for Wpforms The Views for WPForms – Display & Edit WPForms Entries on your site frontend plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.2. | 4.3 |
2024-02-05 | CVE-2024-0374 | Cross-Site Request Forgery (CSRF) vulnerability in Formviewswp Views for Wpforms The Views for WPForms – Display & Edit WPForms Entries on your site frontend plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.2. | 4.3 |
2024-02-05 | CVE-2024-0428 | Cross-Site Request Forgery (CSRF) vulnerability in Kobzarev Index NOW The Index Now plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.3. | 8.8 |