Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-12	CVE-2023-28497	Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow Gallery Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow Gallery LITE plugin <= 1.7.6 versions. network low complexity tribulant CWE-352	8.8
2023-11-12	CVE-2023-29238	Cross-Site Request Forgery (CSRF) vulnerability in Whydonate WP Whydonate Cross-Site Request Forgery (CSRF) vulnerability in Whydonate Whydonate – FREE Donate button – Crowdfunding – Fundraising plugin <= 3.12.15 versions. network low complexity whydonate CWE-352	8.8
2023-11-09	CVE-2023-32502	Cross-Site Request Forgery (CSRF) vulnerability in Cyberwire PRO Mime Types Cross-Site Request Forgery (CSRF) vulnerability in Sybre Waaijer Pro Mime Types – Manage file media types plugin <= 1.0.7 versions. network low complexity cyberwire CWE-352	8.8
2023-11-09	CVE-2023-34031	Cross-Site Request Forgery (CSRF) vulnerability in Casier Bbpress Toolkit 1.0.12 Cross-Site Request Forgery (CSRF) vulnerability in Pascal Casier bbPress Toolkit plugin <= 1.0.12 versions. network low complexity casier CWE-352	8.8
2023-11-09	CVE-2023-34171	Cross-Site Request Forgery (CSRF) vulnerability in Esiteq WP Report Post 2.1.2 Cross-Site Request Forgery (CSRF) vulnerability in Alex Raven WP Report Post plugin <= 2.1.2 versions. network low complexity esiteq CWE-352	8.8
2023-11-09	CVE-2023-47238	Cross-Site Request Forgery (CSRF) vulnerability in Webberzone TOP 10 Cross-Site Request Forgery (CSRF) vulnerability in WebberZone Top 10 – WordPress Popular posts by WebberZone plugin <= 3.3.2 versions. network low complexity webberzone CWE-352	8.8
2023-11-09	CVE-2023-45884	Cross-Site Request Forgery (CSRF) vulnerability in Nasa Openmct Cross Site Request Forgery (CSRF) vulnerability in NASA Open MCT (aka openmct) through 3.1.0 allows attackers to view sensitive information via the flexibleLayout plugin. network low complexity nasa CWE-352	6.5
2023-11-08	CVE-2023-45857	Cross-Site Request Forgery (CSRF) vulnerability in Axios 1.5.1 An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information. network low complexity axios CWE-352	6.5
2023-11-07	CVE-2023-5982	Cross-Site Request Forgery (CSRF) vulnerability in Updraftplus The UpdraftPlus: WordPress Backup & Migration Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.23.10. network low complexity updraftplus CWE-352	5.4
2023-11-07	CVE-2023-5818	Cross-Site Request Forgery (CSRF) vulnerability in Gara Amazonify 0.8.1 The Amazonify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.8.1. network low complexity gara CWE-352	4.3