Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-26 | CVE-2015-9418 | Cross-Site Request Forgery (CSRF) vulnerability in Kibokolabs Watupro The Watu Pro plugin before 4.9.0.8 for WordPress has CSRF that allows an attacker to delete quizzes. | 5.8 |
| 2019-09-26 | CVE-2015-9417 | Cross-Site Request Forgery (CSRF) vulnerability in Slidervilla Testimonial Slider The testimonial-slider plugin through 1.2.1 for WordPress has CSRF with resultant XSS. | 4.3 |
| 2019-09-26 | CVE-2015-9413 | Cross-Site Request Forgery (CSRF) vulnerability in Eshop Project Eshop The eshop plugin through 6.3.13 for WordPress has CSRF with resultant XSS via the wp-admin/admin.php?page=eshop-downloads.php title parameter. | 4.3 |
| 2019-09-25 | CVE-2015-9409 | Cross-Site Request Forgery (CSRF) vulnerability in Alo-Easymail Project Alo-Easymail The alo-easymail plugin before 2.6.01 for WordPress has CSRF with resultant XSS in pages/alo-easymail-admin-options.php. | 4.3 |
| 2019-09-25 | CVE-2019-10408 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Project Inheritance A cross-site request forgery vulnerability in Jenkins Project Inheritance Plugin 2.0.0 and earlier allowed attackers to trigger project generation from templates. | 4.3 |
| 2019-09-24 | CVE-2019-4515 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Security KEY Lifecycle Manager IBM Security Key Lifecycle Manager 3.0 and 3.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.5 |
| 2019-09-23 | CVE-2019-16721 | Cross-Site Request Forgery (CSRF) vulnerability in 5None Nonecms 1.3.0 NoneCMS v1.3 has CSRF in public/index.php/admin/admin/dele.html, as demonstrated by deleting the admin user. | 5.8 |
| 2019-09-23 | CVE-2019-16719 | Cross-Site Request Forgery (CSRF) vulnerability in Wtcms Project Wtcms 1.0 WTCMS 1.0 allows index.php?g=admin&m=index&a=index CSRF with resultant XSS. | 4.3 |
| 2019-09-23 | CVE-2019-16706 | Cross-Site Request Forgery (CSRF) vulnerability in Kkcms Project Kkcms 1.3 kkcms v1.3 has a CSRF vulnerablity that can add an user account via admin/cms_user_add.php. | 6.8 |
| 2019-09-21 | CVE-2019-16678 | Cross-Site Request Forgery (CSRF) vulnerability in Yzmcms 5.3 admin/urlrule/add.html in YzmCMS 5.3 allows CSRF with a resultant denial of service by adding a superseding route. | 4.3 |