Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-13 | CVE-2018-5669 | Cross-Site Request Forgery (CSRF) vulnerability in Read and Understood Project Read and Understood 2.1 An issue was discovered in the read-and-understood plugin 2.1 for WordPress. | 8.8 |
| 2018-01-13 | CVE-2018-5658 | Cross-Site Request Forgery (CSRF) vulnerability in Responsive Coming Soon Page Project Responsive Coming Soon Page 1.1.18 An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. | 8.8 |
| 2018-01-13 | CVE-2018-5656 | Cross-Site Request Forgery (CSRF) vulnerability in Weblizar Pinterest-Feeds 1.1.1 An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. | 8.8 |
| 2018-01-12 | CVE-2017-16886 | Cross-Site Request Forgery (CSRF) vulnerability in Fiberhome Lm53Q1 Firmware Vh519R05C01S38 The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. | 8.8 |
| 2018-01-12 | CVE-2016-0335 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Security Identity Manager Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors. | 8.8 |
| 2018-01-12 | CVE-2017-16862 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira The IncomingMailServers resource in Atlassian Jira before version 7.6.2 allows remote attackers to modify the "incoming mail" whitelist setting via a Cross-site request forgery (CSRF) vulnerability. | 4.3 |
| 2018-01-12 | CVE-2018-5368 | Cross-Site Request Forgery (CSRF) vulnerability in Srbtranslatin Project Srbtranslatin 1.46 The SrbTransLatin plugin 1.46 for WordPress has CSRF via an srbtranslatoptions action to wp-admin/options-general.php. | 8.8 |
| 2018-01-12 | CVE-2018-5361 | Cross-Site Request Forgery (CSRF) vulnerability in Wpglobus 1.9.6 The WPGlobus plugin 1.9.6 for WordPress has CSRF via wp-admin/options.php. | 8.8 |
| 2018-01-11 | CVE-2012-0699 | Cross-Site Request Forgery (CSRF) vulnerability in Haudenschilt Family Connections CMS Multiple cross-site request forgery (CSRF) vulnerabilities in Family Connections CMS (aka FCMS) 2.9 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add news via an add action to familynews.php or (2) add a prayer via an add action to prayers.php. | 8.8 |
| 2018-01-10 | CVE-2018-0785 | Cross-Site Request Forgery (CSRF) vulnerability in Microsoft Asp.Net Core 2.0 ASP.NET Core 1.0. | 6.5 |