Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2024-06-24 CVE-2021-45785 Cross-Site Request Forgery (CSRF) vulnerability in Trudesk Project Trudesk 1.1.11
TruDesk Help Desk/Ticketing Solution v1.1.11 is vulnerable to a Cross-Site Request Forgery (CSRF) attack which would allow an attacker to restart the server, causing a DoS attack.
network
low complexity
trudesk-project CWE-352
6.5
2024-06-22 CVE-2024-3593 Cross-Site Request Forgery (CSRF) vulnerability in Sevenspark Ubermenu 3.8.3
The UberMenu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.3.
network
low complexity
sevenspark CWE-352
5.4
2024-06-21 CVE-2024-37118 Cross-Site Request Forgery (CSRF) vulnerability in Uncannyowl Uncanny Automator
Cross-Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Automator Pro. This issue affects Uncanny Automator Pro: from n/a through 5.3.
network
low complexity
uncannyowl CWE-352
8.8
2024-06-21 CVE-2024-37198 Cross-Site Request Forgery (CSRF) vulnerability in Blazethemes Digital Newspaper
Cross-Site Request Forgery (CSRF) vulnerability in blazethemes Digital Newspaper. This issue affects Digital Newspaper: from n/a through 1.1.5.
network
low complexity
blazethemes CWE-352
8.8
2024-06-21 CVE-2024-37227 Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Newsletters
Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Newsletters. This issue affects Newsletters: from n/a through 4.9.7.
network
low complexity
tribulant CWE-352
8.8
2024-06-21 CVE-2024-4382 Cross-Site Request Forgery (CSRF) vulnerability in Wielebenwir Commonsbooking
The CB (legacy) WordPress plugin through 0.9.4.18 does not have CSRF checks in some bulk actions, which could allow attackers to make logged-in admins perform unwanted actions, such as deleting codes, timeframes, and bookings, via CSRF attacks.
network
low complexity
wielebenwir CWE-352
6.5
2024-06-21 CVE-2024-4474 Cross-Site Request Forgery (CSRF) vulnerability in Onetarek WP Logs Book 1.0.1
The WP Logs Book WordPress plugin through 1.0.1 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack.
network
low complexity
onetarek CWE-352
4.3
2024-06-21 CVE-2024-4475 Cross-Site Request Forgery (CSRF) vulnerability in Onetarek WP Logs Book 1.0.1
The WP Logs Book WordPress plugin through 1.0.1 does not have a CSRF check when clearing logs, which could allow attackers to make a logged-in admin clear the logs via a CSRF attack.
network
low complexity
onetarek CWE-352
4.3
2024-06-21 CVE-2024-4969 Cross-Site Request Forgery (CSRF) vulnerability in Devnath Verma Widget Bundle 2.0.0
The Widget Bundle WordPress plugin through 2.0.0 does not have CSRF checks when logging Widgets, which could allow attackers to make a logged-in admin enable/disable widgets via a CSRF attack.
network
low complexity
devnath-verma CWE-352
4.3
2024-06-18 CVE-2024-38276 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Incorrect CSRF token checks resulted in multiple CSRF risks.
network
low complexity
fedoraproject moodle CWE-352
8.8