Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-03 | CVE-2023-36162 | Cross-Site Request Forgery (CSRF) vulnerability in Zzcms 2023 Cross Site Request Forgery vulnerability in ZZCMS v.2023 and earlier allows a remote attacker to gain privileges via the add function in adminlist.php. | 8.8 |
| 2023-07-01 | CVE-2021-4398 | Cross-Site Request Forgery (CSRF) vulnerability in Amministrazione Trasparente Project Amministrazione Trasparente The Amministrazione Trasparente plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 7.1. | 4.3 |
| 2023-07-01 | CVE-2020-36740 | Cross-Site Request Forgery (CSRF) vulnerability in Radio Buttons for Taxonomies Project Radio Buttons for Taxonomies The Radio Buttons for Taxonomies plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.5. | 8.8 |
| 2023-06-27 | CVE-2020-18409 | Cross-Site Request Forgery (CSRF) vulnerability in Catfishcms Project Catfishcms 4.8.63 Cross Site Request Forgery (CSRF) vulnerability was discovered in CatfishCMS 4.8.63 that would allow attackers to obtain administrator permissions via /index.php/admin/index/modifymanage.html. | 6.8 |
| 2023-06-27 | CVE-2020-18416 | Cross-Site Request Forgery (CSRF) vulnerability in Jyuu Jymusic 2.0.0 An cross site request forgery (CSRF) vulnerability discovered in Jymusic v2.0.0.,that allows attackers to execute arbitrary code via /admin.php?s=/addons/config.html&id=6 to modify payment information. | 6.8 |
| 2023-06-27 | CVE-2020-18418 | Cross-Site Request Forgery (CSRF) vulnerability in Feifeicms 4.1.190209 A Cross site request forgery (CSRF) vulnerability was discovered in FeiFeiCMS v4.1.190209, which allows attackers to create administrator accounts via /index.php?s=Admin-Admin-Insert. | 8.8 |
| 2023-06-27 | CVE-2023-34839 | Cross-Site Request Forgery (CSRF) vulnerability in Issabel PBX 4.0.06 A Cross Site Request Forgery (CSRF) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows a remote attacker to gain privileges via a Custom CSRF exploit to create new user function in the application. | 6.8 |
| 2023-06-24 | CVE-2023-1722 | Cross-Site Request Forgery (CSRF) vulnerability in Yoga Class Registration System Project Yoga Class Registration System 1.0 Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. | 8.8 |
| 2023-06-22 | CVE-2023-32960 | Cross-Site Request Forgery (CSRF) vulnerability in Updraftplus Cross-Site Request Forgery (CSRF) vulnerability in UpdraftPlus.Com, DavidAnderson UpdraftPlus WordPress Backup Plugin <= 1.23.3 versions leads to sitewide Cross-Site Scripting (XSS). | 6.1 |
| 2023-06-22 | CVE-2023-34927 | Cross-Site Request Forgery (CSRF) vulnerability in Casbin Casdoor Casdoor v1.331.0 and below was discovered to contain a Cross-Site Request Forgery (CSRF) in the endpoint /api/set-password. | 6.5 |