Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-12 | CVE-2023-6501 | Cross-Site Request Forgery (CSRF) vulnerability in Cochinoman Splashscreen The Splashscreen WordPress plugin through 0.20 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | 4.3 |
| 2024-02-11 | CVE-2024-25417 | Cross-Site Request Forgery (CSRF) vulnerability in Flusity 2.33 flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/add_translation.php. | 8.8 |
| 2024-02-11 | CVE-2024-25418 | Cross-Site Request Forgery (CSRF) vulnerability in Flusity 2.33 flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_menu.php. | 8.8 |
| 2024-02-11 | CVE-2024-25419 | Cross-Site Request Forgery (CSRF) vulnerability in Flusity 2.33 flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/update_menu.php. | 8.8 |
| 2024-02-09 | CVE-2023-50349 | Cross-Site Request Forgery (CSRF) vulnerability in Hcltech Sametime 11.6/12.0 Sametime is impacted by a Cross Site Request Forgery (CSRF) vulnerability. | 8.8 |
| 2024-02-09 | CVE-2024-23319 | Cross-Site Request Forgery (CSRF) vulnerability in Mattermost Server Mattermost Jira Plugin fails to protect against logout CSRF allowing an attacker to post a specially crafted message that would disconnect a user's Jira connection in Mattermost only by viewing the message. | 3.5 |
| 2024-02-09 | CVE-2024-24819 | Cross-Site Request Forgery (CSRF) vulnerability in Icinga Icingaweb2-Module-Incubator icingaweb2-module-incubator is a working project of bleeding edge Icinga Web 2 libraries. | 8.8 |
| 2024-02-09 | CVE-2024-24820 | Cross-Site Request Forgery (CSRF) vulnerability in Icinga Icinga Director is a tool designed to make Icinga 2 configuration handling easy. | 8.3 |
| 2024-02-08 | CVE-2023-47020 | Cross-Site Request Forgery (CSRF) vulnerability in Ncratleos Terminal Handler 1.5.1 Multiple Cross-Site Request Forgery (CSRF) chaining in NCR Terminal Handler v.1.5.1 allows privileges to be escalated by an attacker through a crafted request involving user account creation and adding the user to an administrator group. | 8.8 |
| 2024-02-08 | CVE-2024-0511 | Cross-Site Request Forgery (CSRF) vulnerability in Royal-Elementor-Addons Royal Elementor Addons The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.87. | 4.3 |