Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2023-11-18 CVE-2023-47667 Cross-Site Request Forgery (CSRF) vulnerability in Paymentsplugin WP Full Stripe Free 1.6.1
Cross-Site Request Forgery (CSRF) vulnerability in Mammothology WP Full Stripe Free.This issue affects WP Full Stripe Free: from n/a through 7.0.16.
network
low complexity
paymentsplugin CWE-352
8.8
8.8
2023-11-18 CVE-2023-47670 Cross-Site Request Forgery (CSRF) vulnerability in Icansoft Korea SNS
Cross-Site Request Forgery (CSRF) vulnerability in Jongmyoung Kim Korea SNS.This issue affects Korea SNS: from n/a through 1.6.3.
network
low complexity
icansoft CWE-352
8.8
8.8
2023-11-18 CVE-2023-47671 Cross-Site Request Forgery (CSRF) vulnerability in Gopiplus Vertical Scroll Recent Registered User
Cross-Site Request Forgery (CSRF) vulnerability in Gopi Ramasamy Vertical scroll recent.This issue affects Vertical scroll recent post: from n/a through 14.0.
network
low complexity
gopiplus CWE-352
8.8
8.8
2023-11-18 CVE-2023-47672 Cross-Site Request Forgery (CSRF) vulnerability in Swashata WP Category Post List Widget 2.0.3
Cross-Site Request Forgery (CSRF) vulnerability in Swashata WP Category Post List Widget.This issue affects WP Category Post List Widget: from n/a through 2.0.3.
network
low complexity
swashata CWE-352
8.8
8.8
2023-11-18 CVE-2023-47685 Cross-Site Request Forgery (CSRF) vulnerability in Nkb-Bd Preloader Matrix 2.0.1
Cross-Site Request Forgery (CSRF) vulnerability in Lukman Nakib Preloader Matrix.This issue affects Preloader Matrix: from n/a through 2.0.1.
network
low complexity
nkb-bd CWE-352
8.8
8.8
2023-11-18 CVE-2023-48017 Cross-Site Request Forgery (CSRF) vulnerability in Dreamer CMS Project Dreamer CMS 4.1.3
Dreamer_cms 4.1.3 is vulnerable to Cross Site Request Forgery (CSRF) via Add permissions to CSRF in Permission Management.
network
low complexity
dreamer-cms-project CWE-352
8.8
8.8
2023-11-17 CVE-2023-5444 Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Epolicy Orchestrator
A Cross Site Request Forgery vulnerability in ePolicy Orchestrator prior to 5.10.0 CP1 Update 2 allows a remote low privilege user to successfully add a new user with administrator privileges to the ePO server.
network
low complexity
mcafee CWE-352
8.0
8.0
2023-11-17 CVE-2023-47757 Cross-Site Request Forgery (CSRF) vulnerability in Aweber
Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in AWeber AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth allows Accessing Functionality Not Properly Constrained by ACLs, Cross-Site Request Forgery.This issue affects AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth: from n/a through 7.3.9.
network
low complexity
aweber CWE-352
8.8
8.8
2023-11-17 CVE-2023-38130 Cross-Site Request Forgery (CSRF) vulnerability in Cubecart
Cross-site request forgery (CSRF) vulnerability in CubeCart prior to 6.5.3 allows a remote unauthenticated attacker to delete data in the system.
network
low complexity
cubecart CWE-352
8.1
8.1
2023-11-16 CVE-2023-47686 Cross-Site Request Forgery (CSRF) vulnerability in Kibokolabs Arigato Autoresponder and Newsletter
Cross-Site Request Forgery (CSRF) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.2.2 versions.
network
low complexity
kibokolabs CWE-352
8.8
8.8