Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2023-06-09 CVE-2023-2286 Cross-Site Request Forgery (CSRF) vulnerability in Wpwhitesecurity WP Activity LOG
The WP Activity Log for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.0.
network
low complexity
wpwhitesecurity CWE-352
4.3
4.3
2023-06-07 CVE-2020-36707 Cross-Site Request Forgery (CSRF) vulnerability in Wpconcern Nifty Coming Soon & Maintenance Mode Page
The Coming Soon & Maintenance Mode Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.57.
network
low complexity
wpconcern CWE-352
8.8
8.8
2023-06-07 CVE-2020-36717 Cross-Site Request Forgery (CSRF) vulnerability in Kaliforms Kali Forms
The Kali Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.1.
network
low complexity
kaliforms CWE-352
8.8
8.8
2023-06-07 CVE-2021-4349 Cross-Site Request Forgery (CSRF) vulnerability in Coolplugins Process Steps Template Designer
The Process Steps Template Designer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.1.
network
low complexity
coolplugins CWE-352
8.8
8.8
2023-06-07 CVE-2021-4373 Cross-Site Request Forgery (CSRF) vulnerability in Webberzone Better Search
The Better Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.5.2.
network
low complexity
webberzone CWE-352
4.3
4.3
2023-06-05 CVE-2023-33409 Cross-Site Request Forgery (CSRF) vulnerability in Minical 1.0.0
Minical 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF) via minical/public/application/controllers/settings/company.php.
network
low complexity
minical CWE-352
6.5
6.5
2023-06-03 CVE-2023-2301 Cross-Site Request Forgery (CSRF) vulnerability in Vcita Contact Form Builder BY Vcita
The Contact Form Builder by vcita plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.9.1.
network
low complexity
vcita CWE-352
6.1
6.1
2023-06-03 CVE-2023-2303 Cross-Site Request Forgery (CSRF) vulnerability in Vcita Contact Form and Calls to Action BY Vcita
The Contact Form and Calls To Action by vcita plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.6.4.
network
low complexity
vcita CWE-352
6.1
6.1
2023-06-03 CVE-2023-2405 Cross-Site Request Forgery (CSRF) vulnerability in Vcita CRM and Lead Management BY Vcita
The CRM and Lead Management by vcita plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.6.2.
network
low complexity
vcita CWE-352
6.5
6.5
2023-06-03 CVE-2023-2407 Cross-Site Request Forgery (CSRF) vulnerability in Vcita products
The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin, for WordPress are vulnerable to Cross-Site Request Forgery.
network
low complexity
vcita CWE-352
6.5
6.5