Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2024-11-21 CVE-2024-11416 The WIP Incoming Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1.
network
low complexity
CWE-352
6.1
2024-11-19 CVE-2024-51669 Cross-Site Request Forgery (CSRF) vulnerability in Vivwebsolutions Dynamic Widgets
Cross-Site Request Forgery (CSRF) vulnerability in Vivwebs Dynamic Widgets.This issue affects Dynamic Widgets: from n/a through 1.6.4.
network
low complexity
vivwebsolutions CWE-352
8.8
2024-11-19 CVE-2024-52392 Cross-Site Request Forgery (CSRF) vulnerability in W3Speedster
Cross-Site Request Forgery (CSRF) vulnerability in W3speedster W3SPEEDSTER.This issue affects W3SPEEDSTER: from n/a through 7.25.
network
low complexity
w3speedster CWE-352
6.5
2024-11-18 CVE-2024-52424 Cross-Site Request Forgery (CSRF) vulnerability in Sureshkumar Wp-Login Customizer 1.0
Cross-Site Request Forgery (CSRF) vulnerability in Suresh Kumar wp-login customizer allows Stored XSS.This issue affects wp-login customizer: from n/a through 1.0.
network
low complexity
sureshkumar CWE-352
6.1
2024-11-16 CVE-2024-6628 The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.9.9.9.
network
low complexity
CWE-352
4.3
2024-11-14 CVE-2024-51679 Cross-Site Request Forgery (CSRF) vulnerability in Appointmind
Cross-Site Request Forgery (CSRF) vulnerability in GentleSource Appointmind allows Stored XSS.This issue affects Appointmind: from n/a through 4.0.0.
network
low complexity
appointmind CWE-352
6.1
2024-11-13 CVE-2024-10593 The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.1.6.
network
low complexity
CWE-352
4.3
2024-11-13 CVE-2024-11143 Cross-Site Request Forgery (CSRF) vulnerability in Kognetiks Chatbot
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.8.
network
low complexity
kognetiks CWE-352
4.3
2024-11-12 CVE-2024-28731 Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dwr-2000M Firmware 1.34Me
Cross Site Request Forgery vulnerability in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME allows a local attacker to obtain sensitive information via the Port forwarding option.
network
low complexity
dlink CWE-352
4.3
2024-11-12 CVE-2024-11125 Cross-Site Request Forgery (CSRF) vulnerability in Get-Simple Getsimplecms 3.3.16
A vulnerability was found in GetSimpleCMS 3.3.16 and classified as problematic.
network
low complexity
get-simple CWE-352
4.3