Vulnerabilities > Cross-Site Request Forgery (CSRF)

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2023-07-12 | CVE-2023-37958 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Sumologic Publisher | A cross-site request forgery (CSRF) vulnerability in Jenkins Sumologic Publisher Plugin 2.2.1 and earlier allows attackers to connect to an attacker-specified URL. | network, low complexity, jenkins, CWE-352, 8.8 |
| 2023-07-12 | CVE-2023-37961 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Assembla | A cross-site request forgery (CSRF) vulnerability in Jenkins Assembla Auth Plugin 1.14 and earlier allows attackers to trick users into logging in to the attacker's account. | network, low complexity, jenkins, CWE-352, 8.8 |
| 2023-07-12 | CVE-2023-37962 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Benchmark Evaluator 1.0.0/1.0.1 | A cross-site request forgery (CSRF) vulnerability in Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier allows attackers to connect to an attacker-specified URL and to check for the existence of directories, `.csv`, and `.ycsb` files on the Jenkins controller file system. | network, low complexity, jenkins, CWE-352, 8.8 |
| 2023-07-12 | CVE-2023-37964 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Elasticbox CI | A cross-site request forgery (CSRF) vulnerability in Jenkins ElasticBox CI Plugin 5.0.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | network, low complexity, jenkins, CWE-352, 8.8 |
| 2023-07-12 | CVE-2021-4422 | Cross-Site Request Forgery (CSRF) vulnerability in Wpexperts Post Smtp Mailer | The POST SMTP Mailer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.20. | network, low complexity, wpexperts, CWE-352, 4.3 |
| 2023-07-11 | CVE-2023-37596 | Cross-Site Request Forgery (CSRF) vulnerability in Issabel PBX 4.0.06 | Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via a crafted script to the deleteuser function. | network, low complexity, issabel, CWE-352, 8.1 |
| 2023-07-11 | CVE-2023-37597 | Cross-Site Request Forgery (CSRF) vulnerability in Issabel PBX 4.0.06 | Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete user grouplist function. | network, low complexity, issabel, CWE-352, 8.1 |
| 2023-07-11 | CVE-2023-3627 | Cross-Site Request Forgery (CSRF) vulnerability in Salesagility Suitecrm | Cross-Site Request Forgery (CSRF) in GitHub repository salesagility/suitecrm-core prior to 8.3.1. | network, low complexity, salesagility, CWE-352, 8.8 |
| 2023-07-11 | CVE-2023-2746 | Cross-Site Request Forgery (CSRF) vulnerability in Rockwellautomation Enhanced HIM 1.001 | The Rockwell Automation Enhanced HIM software contains an API that the application uses that is not protected sufficiently and uses incorrect Cross-Origin Resource Sharing (CORS) settings and, as a result, is vulnerable to a Cross Site Request Forgery (CSRF) attack. | network, low complexity, rockwellautomation, CWE-352, critical, 9.6 |
| 2023-07-11 | CVE-2023-34029 | Cross-Site Request Forgery (CSRF) vulnerability in Disable Wordpress Update Notifications and Auto-Update Email Notifications Project Disable Wordpress Update Notifications and Auto-Update Email Notifications | Cross-Site Request Forgery (CSRF) vulnerability in Prem Tiwari Disable WordPress Update Notifications and auto-update Email Notifications plugin <= 2.3.3 versions. | 6.5 |