VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Cross-Site Request Forgery (CSRF)
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-04-08
CVE-2024-41795
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions).
network
low complexity
CWE-352
6.5
6.5
2025-04-08
CVE-2025-3064
The WPFront User Role Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.1.
network
low complexity
CWE-352
8.8
8.8
2025-04-05
CVE-2025-0810
The Read More & Accordion plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.5.
network
high complexity
CWE-352
7.5
7.5
2025-04-04
CVE-2025-32280
Cross-Site Request Forgery (CSRF) vulnerability in Wedevs WP Project Manager
Cross-Site Request Forgery (CSRF) vulnerability in weDevs WP Project Manager allows Cross Site Request Forgery.
network
low complexity
wedevs
CWE-352
8.8
8.8
2025-04-04
CVE-2025-2797
The Woffice Core plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.4.21.
network
low complexity
CWE-352
5.4
5.4
2025-04-02
CVE-2024-56474
IBM TXSeries for Multiplatforms 9.1 and 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
CWE-352
4.3
4.3
2025-04-02
CVE-2025-3099
The Advanced Search by My Solr Server plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.5.
network
low complexity
CWE-352
6.1
6.1
2025-03-26
CVE-2025-20228
In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF).
network
low complexity
CWE-352
6.5
6.5
2025-03-25
CVE-2024-13710
The Estatebud – Properties & Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.5.0.
network
low complexity
CWE-352
4.3
4.3
2025-03-25
CVE-2025-2319
The EZ SQL Reports Shortcode Widget and DB Backup plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 4.11.13 to 5.25.08.
network
low complexity
CWE-352
8.8
8.8
«
Previous
1
2
3
4
(current)
5
6
...
352
353
»
Next