Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-18 | CVE-2023-47671 | Cross-Site Request Forgery (CSRF) vulnerability in Gopiplus Vertical Scroll Recent Registered User Cross-Site Request Forgery (CSRF) vulnerability in Gopi Ramasamy Vertical scroll recent.This issue affects Vertical scroll recent post: from n/a through 14.0. | 8.8 |
| 2023-11-18 | CVE-2023-48017 | Cross-Site Request Forgery (CSRF) vulnerability in Dreamer CMS Project Dreamer CMS 4.1.3 Dreamer_cms 4.1.3 is vulnerable to Cross Site Request Forgery (CSRF) via Add permissions to CSRF in Permission Management. | 8.8 |
| 2023-11-17 | CVE-2023-47757 | Cross-Site Request Forgery (CSRF) vulnerability in Aweber Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in AWeber AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth allows Accessing Functionality Not Properly Constrained by ACLs, Cross-Site Request Forgery.This issue affects AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth: from n/a through 7.3.9. | 8.8 |
| 2023-11-17 | CVE-2023-38130 | Cross-Site Request Forgery (CSRF) vulnerability in Cubecart Cross-site request forgery (CSRF) vulnerability in CubeCart prior to 6.5.3 allows a remote unauthenticated attacker to delete data in the system. | 8.1 |
| 2023-11-16 | CVE-2023-43275 | Cross-Site Request Forgery (CSRF) vulnerability in Dedecms 5.7 Cross-Site Request Forgery (CSRF) vulnerability in DedeCMS v5.7 in 110 backend management interface via /catalog_add.php, allows attackers to create crafted web pages due to a lack of verification of the token value of the submitted form. | 8.8 |
| 2023-11-15 | CVE-2023-4689 | Cross-Site Request Forgery (CSRF) vulnerability in Webtechstreet Elementor Addon Elements The Elementor Addon Elements plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.12.7. | 4.3 |
| 2023-11-15 | CVE-2023-4690 | Cross-Site Request Forgery (CSRF) vulnerability in Webtechstreet Elementor Addon Elements The Elementor Addon Elements plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.12.7. | 4.3 |
| 2023-11-14 | CVE-2023-39412 | Cross-Site Request Forgery (CSRF) vulnerability in Intel Unison Software 20.14.2.3053/20.14.4244 Cross-site request forgery in some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network access. | 8.8 |
| 2023-11-14 | CVE-2023-48020 | Cross-Site Request Forgery (CSRF) vulnerability in Iteachyou Dreamer CMS 4.1.3 Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/task/changeStatus. | 8.8 |
| 2023-11-14 | CVE-2023-48021 | Cross-Site Request Forgery (CSRF) vulnerability in Iteachyou Dreamer CMS 4.1.3 Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/task/update. | 8.8 |