Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-04 | CVE-2022-20961 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. | 8.8 |
| 2022-11-03 | CVE-2022-25952 | Cross-Site Request Forgery (CSRF) vulnerability in Keywordrush Content EGG Cross-Site Request Forgery (CSRF) vulnerability in Keywordrush Content Egg plugin <= 5.4.0 on WordPress. | 8.8 |
| 2022-11-03 | CVE-2022-30608 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Information Server 11.7 "IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a "user that the website trusts. | 8.8 |
| 2022-11-03 | CVE-2022-40131 | Cross-Site Request Forgery (CSRF) vulnerability in A3Rev Page View Count Cross-Site Request Forgery (CSRF) vulnerability in a3rev Software Page View Count plugin <= 2.5.5 on WordPress allows an attacker to reset the plugin settings. | 4.3 |
| 2022-11-03 | CVE-2022-44627 | Cross-Site Request Forgery (CSRF) vulnerability in Coleds Simple SEO Cross-Site Request Forgery (CSRF) vulnerability in David Cole Simple SEO plugin <= 1.8.12 on WordPress allows attackers to create or delete sitemaps. | 5.4 |
| 2022-11-03 | CVE-2022-42751 | Cross-Site Request Forgery (CSRF) vulnerability in Auieo Candidats 3.0.0 CandidATS version 3.0.0 allows an external attacker to elevate privileges in the application. | 8.8 |
| 2022-10-31 | CVE-2022-40291 | Cross-Site Request Forgery (CSRF) vulnerability in PHPpointofsale PHP Point of Sale 19.0 The application was vulnerable to Cross-Site Request Forgery (CSRF) attacks, allowing an attacker to coerce users into sending malicious requests to the site to delete their account, or in rare circumstances, hijack their account and create other admin accounts. | 8.8 |
| 2022-10-31 | CVE-2022-40488 | Cross-Site Request Forgery (CSRF) vulnerability in Processwire 3.0.200 ProcessWire v3.0.200 was discovered to contain a Cross-Site Request Forgery (CSRF). | 6.5 |
| 2022-10-27 | CVE-2022-43340 | Cross-Site Request Forgery (CSRF) vulnerability in Dzzoffice 2.02.1 A Cross-Site Request Forgery (CSRF) in dzzoffice 2.02.1_SC_UTF8 allows attackers to arbitrarily create user accounts and grant Administrator rights to regular users. | 8.8 |
| 2022-10-27 | CVE-2022-41996 | Cross-Site Request Forgery (CSRF) vulnerability in Theme-Fusion Avada Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Avada premium theme versions <= 7.8.1 on WordPress leading to arbitrary plugin installation/activation. | 8.8 |