Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-16 | CVE-2024-5815 | Cross-Site Request Forgery (CSRF) vulnerability in Github Enterprise Server A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations on a victim-owned repository by exploiting incorrect request types. | 6.5 |
| 2024-07-15 | CVE-2024-6075 | Cross-Site Request Forgery (CSRF) vulnerability in Tipsandtricks-Hq WP Estore The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks | 8.8 |
| 2024-07-12 | CVE-2024-6022 | Cross-Site Request Forgery (CSRF) vulnerability in Adamsolymosi Contentlock 1.0.2/1.0.3 The ContentLock WordPress plugin through 1.0.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | 8.8 |
| 2024-07-12 | CVE-2024-6023 | Cross-Site Request Forgery (CSRF) vulnerability in Adamsolymosi Contentlock 1.0.2/1.0.3 The ContentLock WordPress plugin through 1.0.3 does not have CSRF check in place when adding emails, which could allow attackers to make a logged in admin perform such action via a CSRF attack | 8.8 |
| 2024-07-11 | CVE-2024-1845 | Cross-Site Request Forgery (CSRF) vulnerability in E4Jconnect Vikrentcar The VikRentCar Car Rental Management System WordPress plugin before 1.3.2 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks | 8.8 |
| 2024-07-10 | CVE-2024-40332 | Cross-Site Request Forgery (CSRF) vulnerability in Idccms 1.35 idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/moneyRecord_deal.php?mudi=delRecord | 8.8 |
| 2024-07-10 | CVE-2024-28828 | Cross-Site Request Forgery (CSRF) vulnerability in Checkmk 2.0.0/2.1.0 Cross-Site request forgery in Checkmk < 2.3.0p8, < 2.2.0p29, < 2.1.0p45, and <= 2.0.0p39 (EOL) could lead to 1-click compromize of the site. | 8.8 |
| 2024-07-10 | CVE-2024-40334 | Cross-Site Request Forgery (CSRF) vulnerability in Idccms 1.35 idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/serverFile_deal.php?mudi=upFileDel&dataID=3 | 8.8 |
| 2024-07-09 | CVE-2024-40034 | Cross-Site Request Forgery (CSRF) vulnerability in Idccms Project Idccms 1.35 idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userLevel_deal.php?mudi=del | 8.8 |
| 2024-07-09 | CVE-2024-40037 | Cross-Site Request Forgery (CSRF) vulnerability in Idccms Project Idccms 1.35 idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userScore_deal.php?mudi=del | 8.8 |