Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-15 | CVE-2022-3240 | Cross-Site Request Forgery (CSRF) vulnerability in Follow ME Plugin Project Follow ME Plugin The "Follow Me Plugin" plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.1.1. | 8.8 |
| 2022-11-15 | CVE-2022-35613 | Cross-Site Request Forgery (CSRF) vulnerability in Konker Platform 2.3.9 Konker v2.3.9 was to discovered to contain a Cross-Site Request Forgery (CSRF). | 8.8 |
| 2022-11-14 | CVE-2022-43323 | Cross-Site Request Forgery (CSRF) vulnerability in Eyoucms 1.5.9 EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Top Up Balance component under the Edit Member module. | 8.8 |
| 2022-11-14 | CVE-2022-44387 | Cross-Site Request Forgery (CSRF) vulnerability in Eyoucms 1.5.9 EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Basic Information component under the Edit Member module. | 8.8 |
| 2022-11-14 | CVE-2022-44389 | Cross-Site Request Forgery (CSRF) vulnerability in Eyoucms 1.5.9 EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Edit Admin Profile module. | 6.5 |
| 2022-11-14 | CVE-2022-43693 | Cross-Site Request Forgery (CSRF) vulnerability in Concretecms Concrete CMS Concrete CMS is vulnerable to CSRF due to the lack of "State" parameter for external Concrete authentication service for users of Concrete who use the "out of the box" core OAuth. | 8.8 |
| 2022-11-13 | CVE-2022-3978 | Cross-Site Request Forgery (CSRF) vulnerability in Nodebb A vulnerability, which was classified as problematic, was found in NodeBB up to 2.5.7. | 4.3 |
| 2022-11-10 | CVE-2022-45130 | Cross-Site Request Forgery (CSRF) vulnerability in Plesk Obsidian Plesk Obsidian allows a CSRF attack, e.g., via the /api/v2/cli/commands REST API to change an Admin password. | 6.5 |
| 2022-11-09 | CVE-2022-43031 | Cross-Site Request Forgery (CSRF) vulnerability in Dedecms 6.1.9 DedeCMS v6.1.9 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add Administrator accounts and modify Admin passwords. | 8.8 |
| 2022-11-09 | CVE-2022-43488 | Cross-Site Request Forgery (CSRF) vulnerability in Algolplus Advanced Dynamic Pricing for Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 on WordPress leading to rule type migration. | 4.3 |