Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-25 | CVE-2024-0880 | Cross-Site Request Forgery (CSRF) vulnerability in 100296 Qdbcrm 1.1.0 A vulnerability was found in Qidianbang qdbcrm 1.1.0 and classified as problematic. | 8.8 |
| 2024-01-25 | CVE-2024-0624 | Cross-Site Request Forgery (CSRF) vulnerability in Strangerstudios Paid Memberships PRO The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.12.7. | 5.3 |
| 2024-01-24 | CVE-2024-23902 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Github Branch Source A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Branch Source Plugin 684.vea_fa_7c1e2fe3 and earlier allows attackers to connect to an attacker-specified URL. | 4.3 |
| 2024-01-22 | CVE-2023-6625 | Cross-Site Request Forgery (CSRF) vulnerability in Gravitymaster Product Enquiry for Woocommerce 3.0 The Product Enquiry for WooCommerce WordPress plugin before 3.1 does not have a CSRF check in place when deleting inquiries, which could allow attackers to make a logged in admin delete them via a CSRF attack | 4.3 |
| 2024-01-20 | CVE-2024-0623 | Cross-Site Request Forgery (CSRF) vulnerability in Vektor-Inc VK Block Patterns The VK Block Patterns plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.31.1.1. | 4.3 |
| 2024-01-20 | CVE-2023-47024 | Cross-Site Request Forgery (CSRF) vulnerability in Ncratleos Terminal Handler 1.5.1 Cross-Site Request Forgery (CSRF) in NCR Terminal Handler v.1.5.1 leads to a one-click account takeover. | 8.8 |
| 2024-01-19 | CVE-2023-47718 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.3 and Manage Component 8.10 through 8.11 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2024-01-19 | CVE-2024-22424 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. | 8.3 |
| 2024-01-18 | CVE-2024-22601 | Cross-Site Request Forgery (CSRF) vulnerability in Flycms Project Flycms 1.0 FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/scorerule_save | 8.8 |
| 2024-01-18 | CVE-2024-22603 | Cross-Site Request Forgery (CSRF) vulnerability in Flycms Project Flycms 1.0 FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/links/add_link | 8.8 |