Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2024-11-22 CVE-2024-9665 Cross-Site Request Forgery (CSRF) vulnerability in Zimbra
Zimbra GraphQL Cross-Site Request Forgery Information Disclosure Vulnerability.
network
low complexity
zimbra CWE-352
6.5
6.5
2024-11-21 CVE-2024-10726 The Friendly Functions for Welcart plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.4.
network
low complexity
CWE-352
6.1
6.1
2024-11-21 CVE-2024-11416 The WIP Incoming Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1.
network
low complexity
CWE-352
6.1
6.1
2024-11-19 CVE-2024-51669 Cross-Site Request Forgery (CSRF) vulnerability in Vivwebsolutions Dynamic Widgets
Cross-Site Request Forgery (CSRF) vulnerability in Vivwebs Dynamic Widgets.This issue affects Dynamic Widgets: from n/a through 1.6.4.
network
low complexity
vivwebsolutions CWE-352
8.8
8.8
2024-11-19 CVE-2024-52392 Cross-Site Request Forgery (CSRF) vulnerability in W3Speedster
Cross-Site Request Forgery (CSRF) vulnerability in W3speedster W3SPEEDSTER.This issue affects W3SPEEDSTER: from n/a through 7.25.
network
low complexity
w3speedster CWE-352
6.5
6.5
2024-11-18 CVE-2024-52424 Cross-Site Request Forgery (CSRF) vulnerability in Sureshkumar Wp-Login Customizer 1.0
Cross-Site Request Forgery (CSRF) vulnerability in Suresh Kumar wp-login customizer allows Stored XSS.This issue affects wp-login customizer: from n/a through 1.0.
network
low complexity
sureshkumar CWE-352
6.1
6.1
2024-11-16 CVE-2024-6628 The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.9.9.9.
network
low complexity
CWE-352
4.3
4.3
2024-11-14 CVE-2024-51679 Cross-Site Request Forgery (CSRF) vulnerability in Appointmind
Cross-Site Request Forgery (CSRF) vulnerability in GentleSource Appointmind allows Stored XSS.This issue affects Appointmind: from n/a through 4.0.0.
network
low complexity
appointmind CWE-352
6.1
6.1
2024-11-13 CVE-2024-10593 The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.1.6.
network
low complexity
CWE-352
4.3
4.3
2024-11-13 CVE-2024-11143 Cross-Site Request Forgery (CSRF) vulnerability in Kognetiks Chatbot
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.8.
network
low complexity
kognetiks CWE-352
4.3
4.3