Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2023-10-31 CVE-2023-43295 Cross-Site Request Forgery (CSRF) vulnerability in Clickstudios Passwordstate 9.7
Cross Site Request Forgery vulnerability in Click Studios (SA) Pty Ltd Passwordstate v.Build 9785 and before allows a local attacker to execute arbitrary code via a crafted request.
network
low complexity
clickstudios CWE-352
3.5
3.5
2023-10-31 CVE-2023-4251 Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Eventprime
The EventPrime WordPress plugin before 3.2.0 does not have CSRF checks when creating bookings, which could allow attackers to make logged in users create unwanted bookings via CSRF attacks.
network
low complexity
metagauss CWE-352
4.3
4.3
2023-10-31 CVE-2023-5519 Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Eventprime
The EventPrime WordPress plugin before 3.2.0 does not have CSRF checks when creating bookings, which could allow attackers to make logged in users create unwanted bookings via CSRF attacks.
network
low complexity
metagauss CWE-352
4.3
4.3
2023-10-30 CVE-2023-42323 Cross-Site Request Forgery (CSRF) vulnerability in Mnbvcxz131421 Douhaocms 3.3
Cross Site Request Forgery (CSRF) vulnerability in DouHaocms v.3.3 allows a remote attacker to execute arbitrary code via the adminAction.class.php file.
network
low complexity
mnbvcxz131421 CWE-352
8.8
8.8
2023-10-27 CVE-2023-5820 Cross-Site Request Forgery (CSRF) vulnerability in I13Websolution Thumbnail Slider With Lightbox 1.0
The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0.
network
low complexity
i13websolution CWE-352
8.8
8.8
2023-10-27 CVE-2023-46375 Cross-Site Request Forgery (CSRF) vulnerability in Zentao BIZ 4.1.3
ZenTao Biz version 4.1.3 and before is vulnerable to Cross Site Request Forgery (CSRF).
network
low complexity
zentao CWE-352
8.8
8.8
2023-10-27 CVE-2023-42188 Cross-Site Request Forgery (CSRF) vulnerability in Macwk Icecms 2.0.1
IceCMS v2.0.1 is vulnerable to Cross Site Request Forgery (CSRF).
network
low complexity
macwk CWE-352
6.5
6.5
2023-10-26 CVE-2023-45317 Cross-Site Request Forgery (CSRF) vulnerability in Sielco products
The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests.
network
low complexity
sielco CWE-352
8.8
8.8
2023-10-25 CVE-2023-46198 Cross-Site Request Forgery (CSRF) vulnerability in Apointzilla Appointment Calendar
Cross-Site Request Forgery (CSRF) vulnerability in Scientech It Solution Appointment Calendar plugin <= 2.9.6 versions.
network
low complexity
apointzilla CWE-352
8.8
8.8
2023-10-21 CVE-2023-46067 Cross-Site Request Forgery (CSRF) vulnerability in Qwerty23 Rocket Font
Cross-Site Request Forgery (CSRF) vulnerability in Qwerty23 Rocket Font plugin <= 1.2.3 versions.
network
low complexity
qwerty23 CWE-352
8.8
8.8