Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE	CVE	VULNERABILITY TITLE	RISK
2023-07-12	CVE-2021-4422	Cross-Site Request Forgery (CSRF) vulnerability in Wpexperts Post Smtp Mailer The POST SMTP Mailer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.20. network low complexity wpexperts CWE-352	4.3
2023-07-11	CVE-2023-37596	Cross-Site Request Forgery (CSRF) vulnerability in Issabel PBX 4.0.06 Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via a crafted script to the deleteuser function. network low complexity issabel CWE-352	8.1
2023-07-11	CVE-2023-37597	Cross-Site Request Forgery (CSRF) vulnerability in Issabel PBX 4.0.06 Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete user grouplist function. network low complexity issabel CWE-352	8.1
2023-07-11	CVE-2023-3627	Cross-Site Request Forgery (CSRF) vulnerability in Salesagility Suitecrm Cross-Site Request Forgery (CSRF) in GitHub repository salesagility/suitecrm-core prior to 8.3.1. network low complexity salesagility CWE-352	8.8
2023-07-11	CVE-2023-2746	Cross-Site Request Forgery (CSRF) vulnerability in Rockwellautomation Enhanced HIM 1.001 The Rockwell Automation Enhanced HIM software contains an API that the application uses that is not protected sufficiently and uses incorrect Cross-Origin Resource Sharing (CORS) settings and, as a result, is vulnerable to a Cross Site Request Forgery (CSRF) attack. network low complexity rockwellautomation CWE-352 critical	9.6
2023-07-11	CVE-2023-34029	Cross-Site Request Forgery (CSRF) vulnerability in Disable Wordpress Update Notifications and Auto-Update Email Notifications Project Disable Wordpress Update Notifications and Auto-Update Email Notifications Cross-Site Request Forgery (CSRF) vulnerability in Prem Tiwari Disable WordPress Update Notifications and auto-update Email Notifications plugin <= 2.3.3 versions. network low complexity disable-wordpress-update-notifications-and-auto-update-email-notifications-project CWE-352	6.5
2023-07-11	CVE-2023-35773	Cross-Site Request Forgery (CSRF) vulnerability in Template Debugger Project Template Debugger 3.1.2 Cross-Site Request Forgery (CSRF) vulnerability in Danny Hearnah - ChubbyNinjaa Template Debugger plugin <= 3.1.2 versions. network low complexity template-debugger-project CWE-352	8.8
2023-07-11	CVE-2023-34185	Cross-Site Request Forgery (CSRF) vulnerability in Wordpress Nextgen Galleryview Project Wordpress Nextgen Galleryview Cross-Site Request Forgery (CSRF) vulnerability in John Brien WordPress NextGen GalleryView plugin <= 0.5.5 versions. network low complexity wordpress-nextgen-galleryview-project CWE-352	6.5
2023-07-11	CVE-2022-29561	Cross-Site Request Forgery (CSRF) vulnerability in Siemens products A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). network low complexity siemens CWE-352	8.8
2023-07-11	CVE-2023-24421	Cross-Site Request Forgery (CSRF) vulnerability in Wpengine PHP Compatibility Checker Cross-Site Request Forgery (CSRF) vulnerability in WP Engine PHP Compatibility Checker plugin <= 1.5.2 versions. network low complexity wpengine CWE-352	8.8