Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2023-11-22 CVE-2023-28749 Cross-Site Request Forgery (CSRF) vulnerability in Cminds CM on Demand Search and Replace
Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin <= 1.3.0 versions.
network
low complexity
cminds CWE-352
8.8
8.8
2023-11-22 CVE-2023-2447 Cross-Site Request Forgery (CSRF) vulnerability in Userproplugin Userpro
The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1.
network
low complexity
userproplugin CWE-352
6.1
6.1
2023-11-22 CVE-2022-35638 Cross-Site Request Forgery (CSRF) vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
8.8
2023-11-21 CVE-2023-5776 Cross-Site Request Forgery (CSRF) vulnerability in Wpexpertplugins Post Meta Data Manager
The Post Meta Data Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1.
network
low complexity
wpexpertplugins CWE-352
8.8
8.8
2023-11-20 CVE-2023-38885 Cross-Site Request Forgery (CSRF) vulnerability in Os4Ed Opensis 9.0
OpenSIS Classic Community Edition version 9.0 lacks cross-site request forgery (CSRF) protection throughout the whole app.
network
low complexity
os4ed CWE-352
8.8
8.8
2023-11-20 CVE-2023-48293 Cross-Site Request Forgery (CSRF) vulnerability in Xwiki
The XWiki Admin Tools Application provides tools to help the administration of XWiki.
network
low complexity
xwiki CWE-352
8.8
8.8
2023-11-20 CVE-2023-4824 Cross-Site Request Forgery (CSRF) vulnerability in Bdaia Woohoo Newspaper Magazine Theme
The WooHoo Newspaper Magazine theme does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
network
low complexity
bdaia CWE-352
8.8
8.8
2023-11-20 CVE-2023-48292 Cross-Site Request Forgery (CSRF) vulnerability in Xwiki Admin Tools
The XWiki Admin Tools Application provides tools to help the administration of XWiki.
network
low complexity
xwiki CWE-352
8.8
8.8
2023-11-20 CVE-2023-6196 Cross-Site Request Forgery (CSRF) vulnerability in Myaudiomerchant Audio Merchant 5.0.4
The Audio Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.4.
network
low complexity
myaudiomerchant CWE-352
8.8
8.8
2023-11-20 CVE-2023-6197 Cross-Site Request Forgery (CSRF) vulnerability in Myaudiomerchant Audio Merchant 5.0.4
The Audio Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.4.
network
low complexity
myaudiomerchant CWE-352
5.4
5.4