Vulnerabilities > Cross-Site Request Forgery (CSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-29 | CVE-2024-50466 | Cross-Site Request Forgery (CSRF) vulnerability in Darkmysite Cross-Site Request Forgery (CSRF) vulnerability in DarkMySite DarkMySite – Advanced Dark Mode Plugin for WordPress darkmysite allows Cross Site Request Forgery.This issue affects DarkMySite – Advanced Dark Mode Plugin for WordPress: from n/a through 1.2.8. | 8.8 |
2024-10-29 | CVE-2024-9990 | Cross-Site Request Forgery (CSRF) vulnerability in Odude Crypto Tool The Crypto plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.15. | 8.8 |
2024-10-29 | CVE-2024-6673 | Cross-Site Request Forgery (CSRF) vulnerability in Lollms web UI A Cross-Site Request Forgery (CSRF) vulnerability exists in the `install_comfyui` endpoint of the `lollms_comfyui.py` file in the parisneo/lollms-webui repository, versions v9.9 to the latest. | 6.5 |
2024-10-29 | CVE-2024-49672 | Cross-Site Request Forgery (CSRF) vulnerability in Google Docs Rsvp Project Google Docs Rsvp Cross-Site Request Forgery (CSRF) vulnerability in Gifford Cheung, Brian Watanabe, Chongsun Ahn Google Docs RSVP allows Stored XSS.This issue affects Google Docs RSVP: from n/a through 2.0.1. | 6.1 |
2024-10-29 | CVE-2024-46872 | Cross-Site Request Forgery (CSRF) vulnerability in Mattermost Server Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 fail to sanitize user inputs in the frontend that are used for redirection which allows for a one-click client-side path traversal that is leading to CSRF in Playbooks | 4.6 |
2024-10-28 | CVE-2024-10448 | Cross-Site Request Forgery (CSRF) vulnerability in Fabianros Blood Bank Management System 1.0 A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank Management System 1.0. | 6.5 |
2024-10-25 | CVE-2024-9598 | The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.99.1. | 8.8 |
2024-10-24 | CVE-2024-47879 | Cross-Site Request Forgery (CSRF) vulnerability in Openrefine OpenRefine is a free, open source tool for working with messy data. | 8.8 |
2024-10-24 | CVE-2024-9943 | The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.4. | 6.3 |
2024-10-23 | CVE-2024-10045 | Cross-Site Request Forgery (CSRF) vulnerability in Wpbeginner Transients Manager The Transients Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.6. | 4.3 |