Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-23 | CVE-2023-27387 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Cross-site request forgery (CSRF) in T&D Corporation and ESPEC MIC CORP. | 8.8 |
| 2023-05-23 | CVE-2023-31708 | Cross-Site Request Forgery (CSRF) vulnerability in Eyoucms 1.6.2 A Cross-Site Request Forgery (CSRF) in EyouCMS v1.6.2 allows attackers to execute arbitrary commands via a supplying a crafted HTML file to the Upload software format function. | 4.3 |
| 2023-05-22 | CVE-2022-45076 | Cross-Site Request Forgery (CSRF) vulnerability in Webmat Flexible Elementor Panel Cross-Site Request Forgery (CSRF) vulnerability in WebMat Flexible Elementor Panel plugin <= 2.3.8 versions. | 8.8 |
| 2023-05-22 | CVE-2022-47183 | Cross-Site Request Forgery (CSRF) vulnerability in Stylist Project Stylist 0.2.6 Cross-Site Request Forgery (CSRF) vulnerability in StylistWP Extra Block Design, Style, CSS for ANY Gutenberg Blocks plugin <= 0.2.6 versions. | 8.8 |
| 2023-05-20 | CVE-2023-2717 | Cross-Site Request Forgery (CSRF) vulnerability in Groundhogg The Groundhogg plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.9.8. | 4.3 |
| 2023-05-20 | CVE-2023-2736 | Cross-Site Request Forgery (CSRF) vulnerability in Groundhogg The Groundhogg plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.9.8. | 8.0 |
| 2023-05-17 | CVE-2023-2608 | Cross-Site Request Forgery (CSRF) vulnerability in Themeisle multiple Page Generator The Multiple Page Generator Plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to time-based SQL Injection via the orderby and order parameters in versions up to, and including, 3.3.17 due to missing nonce verification on the projects_list function and insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 4.3 |
| 2023-05-17 | CVE-2023-2528 | Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Contact Form The Contact Form by Supsystic plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.24. | 8.8 |
| 2023-05-16 | CVE-2023-2195 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Code DX A cross-site request forgery (CSRF) vulnerability in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers to connect to an attacker-specified URL. | 3.5 |
| 2023-05-16 | CVE-2023-2631 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Code DX A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. | 4.3 |