Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-27 | CVE-2024-9282 | Cross-Site Request Forgery (CSRF) vulnerability in Bg5Sbk Minicms A vulnerability was found in bg5sbk MiniCMS 1.11. | 4.3 |
| 2024-09-26 | CVE-2024-45987 | Cross-Site Request Forgery (CSRF) vulnerability in Online Voting System Project Online Voting System 1.0 Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery (CSRF) via voter.php. | 6.5 |
| 2024-09-26 | CVE-2024-45372 | Cross-Site Request Forgery (CSRF) vulnerability in Planex Mzk-Dp300N Firmware MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. | 6.5 |
| 2024-09-25 | CVE-2024-47082 | Cross-Site Request Forgery (CSRF) vulnerability in Strawberryrocks Strawberry Strawberry GraphQL is a library for creating GraphQL APIs. | 8.0 |
| 2024-09-25 | CVE-2024-47305 | Cross-Site Request Forgery (CSRF) vulnerability in Dineshkarki USE ANY Font Cross-Site Request Forgery (CSRF) vulnerability in Dnesscarkey Use Any Font allows Cross Site Request Forgery.This issue affects Use Any Font: from n/a through 6.3.08. | 8.8 |
| 2024-09-25 | CVE-2024-47315 | Cross-Site Request Forgery (CSRF) vulnerability in Givewp Cross-Site Request Forgery (CSRF) vulnerability in GiveWP.This issue affects GiveWP: from n/a through 3.15.1. | 8.8 |
| 2024-09-25 | CVE-2024-20414 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS XE A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system through the web UI. This vulnerability is due to incorrectly accepting configuration changes through the HTTP GET method. | 6.5 |
| 2024-09-25 | CVE-2024-20437 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS XE A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a cross-site request forgery (CSRF) attack and execute commands on the CLI of an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. | 8.8 |
| 2024-09-25 | CVE-2024-7892 | Cross-Site Request Forgery (CSRF) vulnerability in Vladyslavbondarenko Adstxt The adstxt Plugin WordPress plugin through 1.0.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | 4.3 |
| 2024-09-25 | CVE-2024-7386 | The Premium Packages – Sell Digital Products Securely plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.9.1. | 4.3 |