Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-17 | CVE-2023-23899 | Cross-Site Request Forgery (CSRF) vulnerability in Hasthemes Extensions for CF7 Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Extensions For CF7 plugin <= 2.0.8 versions leads to arbitrary plugin activation. | 4.3 |
| 2023-02-17 | CVE-2023-24388 | Cross-Site Request Forgery (CSRF) vulnerability in Wpdevart Booking Calendar Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions affects plugin forms actions (create, duplicate, edit, delete). | 5.4 |
| 2023-02-15 | CVE-2021-33396 | Cross-Site Request Forgery (CSRF) vulnerability in Baijiacms Project Baijiacms 4.1.4 Cross Site Request Forgery (CSRF) vulnerability in baijiacms 4.1.4, allows attackers to change the password or other information of an arbitrary account via index.php. | 6.5 |
| 2023-02-15 | CVE-2023-23465 | Cross-Site Request Forgery (CSRF) vulnerability in Mediacp Media Control Panel 2.13.1 Media CP Media Control Panel latest version. | 8.8 |
| 2023-02-15 | CVE-2023-23847 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Synopsys Coverity A cross-site request forgery (CSRF) vulnerability in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 3.5 |
| 2023-02-15 | CVE-2023-25767 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Azure Credentials A cross-site request forgery (CSRF) vulnerability in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers to connect to an attacker-specified web server. | 8.8 |
| 2023-02-15 | CVE-2022-29557 | Cross-Site Request Forgery (CSRF) vulnerability in Relx Firco Compliance Link 3.7 LexisNexis Firco Compliance Link 3.7 allows CSRF. | 8.8 |
| 2023-02-14 | CVE-2023-22942 | Cross-Site Request Forgery (CSRF) vulnerability in Splunk In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a cross-site request forgery in the Splunk Secure Gateway (SSG) app in the ‘kvstore_client’ REST endpoint lets a potential attacker update SSG KV store collections using an HTTP GET request. | 4.3 |
| 2023-02-14 | CVE-2022-46862 | Cross-Site Request Forgery (CSRF) vulnerability in Expresstech Quiz and Survey Master Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin <= 8.0.7 versions. | 8.8 |
| 2023-02-14 | CVE-2023-24377 | Cross-Site Request Forgery (CSRF) vulnerability in Lightspeedhq Ecwid Ecommerce Shopping Cart Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart plugin <= 6.11.3 versions. | 8.8 |