Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-12	CVE-2016-10874	Cross-Site Request Forgery (CSRF) vulnerability in Wpseeds WP Database Backup The wp-database-backup plugin before 4.3.3 for WordPress has CSRF. network low complexity wpseeds CWE-352	8.8
2019-08-11	CVE-2019-14933	Cross-Site Request Forgery (CSRF) vulnerability in Webkul Bagisto 0.1.5 Bagisto 0.1.5 allows CSRF under /admin URIs. network webkul CWE-352	6.8
2019-08-09	CVE-2016-10865	Cross-Site Request Forgery (CSRF) vulnerability in 23Systems Lightbox Plus Colorbox 2.7.2 The Lightbox Plus Colorbox plugin through 2.7.2 for WordPress has cross-site request forgery (CSRF) via wp-admin/admin.php?page=lightboxplus, as demonstrated by resultant width XSS. network 23systems CWE-352	4.3
2019-08-08	CVE-2017-18485	Cross-Site Request Forgery (CSRF) vulnerability in Elementalpath Cognitoys Dino Firmware Cognitoys Dino devices allow profiles_add.html CSRF. network elementalpath CWE-352	5.8
2019-08-08	CVE-2016-10863	Cross-Site Request Forgery (CSRF) vulnerability in Edimax 7237Rpd Firmware and Ew-7438Rpn Mini Firmware Edimax Wi-Fi Extender devices allow goform/formwlencryptvxd CSRF with resultant PSK key disclosure. network edimax CWE-352	6.8
2019-08-08	CVE-2016-10862	Cross-Site Request Forgery (CSRF) vulnerability in Neetcables Airstream NAS Firmware 1.1 Neet AirStream NAS1.1 devices have a password of ifconfig for the root account. network neetcables CWE-352	6.8
2019-08-08	CVE-2015-9292	Cross-Site Request Forgery (CSRF) vulnerability in 6Kbbs 7.1/8.0 6kbbs 7.1 and 8.0 allows CSRF via portalchannel_ajax.php (id or code parameter) or admin.php (fileids parameter). network 6kbbs CWE-352	6.8
2019-08-08	CVE-2019-14683	Cross-Site Request Forgery (CSRF) vulnerability in Codection Import Users From CSV With Meta The codection "Import users from CSV with meta" plugin before 1.14.2.2 for WordPress allows wp-admin/admin-ajax.php?action=acui_delete_attachment CSRF. network low complexity codection CWE-352	5.7
2019-08-08	CVE-2019-14682	Cross-Site Request Forgery (CSRF) vulnerability in Acf: Better Search Project Acf: Better Search The acf-better-search (aka ACF: Better Search) plugin before 3.3.1 for WordPress allows wp-admin/options-general.php?page=acfbs_admin_page CSRF. network acf CWE-352	4.3
2019-08-08	CVE-2019-14681	Cross-Site Request Forgery (CSRF) vulnerability in Deny ALL Firewall Project Deny ALL Firewall The Deny All Firewall plugin before 1.1.7 for WordPress allows wp-admin/options-general.php?page=daf_settings&daf_remove=true CSRF. network deny-all-firewall-project CWE-352	6.8