Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-12 | CVE-2023-4731 | Cross-Site Request Forgery (CSRF) vulnerability in Ladipage The LadiApp plugn for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the init_endpoint() function hooked via 'init' in versions up to, and including, 4.4. | 4.3 |
| 2024-03-06 | CVE-2024-1760 | Cross-Site Request Forgery (CSRF) vulnerability in Nsquared Simply Schedule Appointments 1.6.6.16/1.6.6.20/1.6.6.7 The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.6.20. | 4.7 |
| 2024-03-02 | CVE-2023-6326 | Cross-Site Request Forgery (CSRF) vulnerability in Averta Master Slider The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.9.3. | 4.3 |
| 2024-02-29 | CVE-2024-22939 | Cross-Site Request Forgery (CSRF) vulnerability in Sunkaifei Flycms 1.0 Cross Site Request Forgery vulnerability in FlyCms v.1.0 allows a remote attacker to execute arbitrary code via the system/article/category_edit component. | 8.8 |
| 2024-02-29 | CVE-2023-48651 | Cross-Site Request Forgery (CSRF) vulnerability in Concretecms Concrete CMS Concrete CMS 9 before 9.2.3 is vulnerable to Cross Site Request Forgery (CSRF) at /ccm/system/dialogs/file/delete/1/submit. | 4.3 |
| 2024-02-29 | CVE-2023-48653 | Cross-Site Request Forgery (CSRF) vulnerability in Concretecms Concrete CMS Concrete CMS before 8.5.14 and 9 before 9.2.3 allows Cross Site Request Forgery (CSRF) via ccm/calendar/dialogs/event/delete/submit. | 4.3 |
| 2024-02-28 | CVE-2024-23910 | Cross-Site Request Forgery (CSRF) vulnerability in Elecom products Cross-site request forgery (CSRF) vulnerability in ELECOM wireless LAN routers and wireless LAN repeater allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected product. | 8.8 |
| 2024-02-28 | CVE-2024-0431 | Cross-Site Request Forgery (CSRF) vulnerability in Fabrick Gestpay for Woocommerce The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20221130. | 4.3 |
| 2024-02-28 | CVE-2024-0432 | Cross-Site Request Forgery (CSRF) vulnerability in Fabrick Gestpay for Woocommerce The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20221130. | 4.3 |
| 2024-02-28 | CVE-2024-0433 | Cross-Site Request Forgery (CSRF) vulnerability in Fabrick Gestpay for Woocommerce The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20221130. | 4.3 |