Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-22 | CVE-2023-0870 | Cross-Site Request Forgery (CSRF) vulnerability in Opennms Horizon A form can be manipulated with cross-site request forgery in multiple versions of OpenNMS Meridian and Horizon. | 6.7 |
| 2023-03-17 | CVE-2022-46867 | Cross-Site Request Forgery (CSRF) vulnerability in Universal Star Rating Project Universal Star Rating 2.1.0 Cross-Site Request Forgery (CSRF) vulnerability in Chasil Universal Star Rating plugin <= 2.1.0 version. | 8.8 |
| 2023-03-17 | CVE-2023-1472 | Cross-Site Request Forgery (CSRF) vulnerability in Rapidload Power-Up for Autoptimize The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. | 6.3 |
| 2023-03-15 | CVE-2023-27234 | Cross-Site Request Forgery (CSRF) vulnerability in Jizhicms 2.4.5 A Cross-Site Request Forgery (CSRF) in /Sys/index.html of Jizhicms v2.4.5 allows attackers to arbitrarily make configuration changes within the application. | 6.5 |
| 2023-03-14 | CVE-2023-27073 | Cross-Site Request Forgery (CSRF) vulnerability in Online Food Ordering System Project Online Food Ordering System 1.0 A Cross-Site Request Forgery (CSRF) in Online Food Ordering System v1.0 allows attackers to change user details and credentials via a crafted POST request. | 6.5 |
| 2023-03-14 | CVE-2022-47155 | Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Slider Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Slider by Supsystic plugin <= 1.8.5 versions. | 8.8 |
| 2023-03-14 | CVE-2022-47163 | Cross-Site Request Forgery (CSRF) vulnerability in WP CSV to Database Project WP CSV to Database Cross-Site Request Forgery (CSRF) vulnerability in Tips and Tricks HQ, josh401 WP CSV to Database – Insert CSV file content into WordPress plugin <= 2.6 versions. | 7.5 |
| 2023-03-10 | CVE-2023-1205 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Rax30 Firmware NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 is vulnerable to cross-site request forgery attacks on all endpoints due to improperly implemented CSRF protections. | 8.8 |
| 2023-03-01 | CVE-2022-48309 | Cross-Site Request Forgery (CSRF) vulnerability in Sophos Connect A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than 2.2.90. | 4.3 |
| 2023-03-01 | CVE-2022-46798 | Cross-Site Request Forgery (CSRF) vulnerability in Hasthemes Woolentor - Woocommerce Elementor Addons + Builder Cross-Site Request Forgery (CSRF) vulnerability in HasThemes ShopLentor plugin <= 2.5.1 leading to plugin settings change. | 5.4 |