Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2024-08-01 CVE-2024-40883 Cross-Site Request Forgery (CSRF) vulnerability in Elecom products
Cross-site request forgery vulnerability exists in ELECOM wireless LAN routers.
network
low complexity
elecom CWE-352
8.8
8.8
2024-07-31 CVE-2024-3083 Cross-Site Request Forgery (CSRF) vulnerability in Proges Sensor NET Connect Firmware V2 2.24
A “CWE-352: Cross-Site Request Forgery (CSRF)” can be exploited by remote attackers to perform state-changing operations with administrative privileges by luring authenticated victims into visiting a malicious web page.
network
low complexity
proges CWE-352
8.3
8.3
2024-07-24 CVE-2024-3246 Cross-Site Request Forgery (CSRF) vulnerability in Litespeedtech Litespeed Cache
The LiteSpeed Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.2.0.1.
network
low complexity
litespeedtech CWE-352
5.4
5.4
2024-07-24 CVE-2024-6751 Cross-Site Request Forgery (CSRF) vulnerability in Wpwebinfotech Social Auto Poster
The Social Auto Poster plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.3.14.
network
low complexity
wpwebinfotech CWE-352
6.5
6.5
2024-07-22 CVE-2024-6244 Cross-Site Request Forgery (CSRF) vulnerability in Projectzealous PZ Frontend Manager
The PZ Frontend Manager WordPress plugin before 1.0.6 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
network
low complexity
projectzealous CWE-352
8.8
8.8
2024-07-22 CVE-2024-6271 Cross-Site Request Forgery (CSRF) vulnerability in Community Events Project Community Events
The Community Events WordPress plugin before 1.5 does not have CSRF check in place when deleting events, which could allow attackers to make a logged in admin delete arbitrary events via a CSRF attack
network
low complexity
community-events-project CWE-352
5.4
5.4
2024-07-18 CVE-2024-39678 Cross-Site Request Forgery (CSRF) vulnerability in Boxystudio Cooked
Cooked is a recipe plugin for WordPress.
network
low complexity
boxystudio CWE-352
8.8
8.8
2024-07-18 CVE-2024-39679 Cross-Site Request Forgery (CSRF) vulnerability in Boxystudio Cooked
Cooked is a recipe plugin for WordPress.
network
low complexity
boxystudio CWE-352
8.8
8.8
2024-07-18 CVE-2024-39680 Cross-Site Request Forgery (CSRF) vulnerability in Boxystudio Cooked
Cooked is a recipe plugin for WordPress.
network
low complexity
boxystudio CWE-352
8.8
8.8
2024-07-18 CVE-2024-39681 Cross-Site Request Forgery (CSRF) vulnerability in Boxystudio Cooked
Cooked is a recipe plugin for WordPress.
network
low complexity
boxystudio CWE-352
8.8
8.8