Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-13	CVE-2024-6959	Cross-Site Request Forgery (CSRF) vulnerability in Lollms web UI 9.8 A vulnerability in parisneo/lollms-webui version 9.8 allows for a Denial of Service (DOS) attack when uploading an audio file. network low complexity lollms CWE-352	7.1
2024-10-12	CVE-2024-9592	The Easy PayPal Gift Certificate plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.3. network low complexity CWE-352	6.1
2024-10-10	CVE-2024-8477	Cross-Site Request Forgery (CSRF) vulnerability in Brevo Newsletter, Smtp, Email Marketing and Subscribe The Newsletter, SMTP, Email marketing and Subscribe forms by Brevo (formely Sendinblue) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.87. network low complexity brevo CWE-352	4.3
2024-10-09	CVE-2024-47828	Cross-Site Request Forgery (CSRF) vulnerability in Ampache ampache is a web based audio/video streaming application and file manager. network low complexity ampache CWE-352	6.5
2024-10-05	CVE-2024-47846	Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki Cargo 3.6.0 Cross-Site Request Forgery (CSRF) vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows Cross Site Request Forgery.This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1. network low complexity mediawiki CWE-352	8.8
2024-10-04	CVE-2024-43684	Cross-Site Request Forgery (CSRF) vulnerability in Microchip Timeprovider 4100 Firmware Cross-Site Request Forgery (CSRF) vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting (XSS).This issue affects TimeProvider 4100: from 1.0. network low complexity microchip CWE-352	8.8
2024-10-04	CVE-2024-8520	Cross-Site Request Forgery (CSRF) vulnerability in Ultimatemember Ultimate Member The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.6. network low complexity ultimatemember CWE-352	4.3
2024-09-30	CVE-2024-8458	Cross-Site Request Forgery (CSRF) vulnerability in Planet Gs-4210-24P2S Firmware and Gs-4210-24Pl4C Firmware Certain switch models from PLANET Technology have a web application that is vulnerable to Cross-Site Request Forgery (CSRF). network low complexity planet CWE-352	8.8
2024-09-27	CVE-2024-28948	Cross-Site Request Forgery (CSRF) vulnerability in Advantech Adam-5630 Firmware Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. network low complexity advantech CWE-352	8.8
2024-09-27	CVE-2024-9281	Cross-Site Request Forgery (CSRF) vulnerability in Bg5Sbk Minicms A vulnerability was found in bg5sbk MiniCMS up to 1.11 and classified as problematic. network low complexity bg5sbk CWE-352	4.3