Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-14 | CVE-2022-44387 | Cross-Site Request Forgery (CSRF) vulnerability in Eyoucms 1.5.9 EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Basic Information component under the Edit Member module. | 8.8 |
| 2022-11-14 | CVE-2022-44389 | Cross-Site Request Forgery (CSRF) vulnerability in Eyoucms 1.5.9 EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Edit Admin Profile module. | 6.5 |
| 2022-11-14 | CVE-2022-43693 | Cross-Site Request Forgery (CSRF) vulnerability in Concretecms Concrete CMS Concrete CMS is vulnerable to CSRF due to the lack of "State" parameter for external Concrete authentication service for users of Concrete who use the "out of the box" core OAuth. | 8.8 |
| 2022-11-13 | CVE-2022-3978 | Cross-Site Request Forgery (CSRF) vulnerability in Nodebb A vulnerability, which was classified as problematic, was found in NodeBB up to 2.5.7. | 4.3 |
| 2022-11-10 | CVE-2022-45130 | Cross-Site Request Forgery (CSRF) vulnerability in Plesk Obsidian Plesk Obsidian allows a CSRF attack, e.g., via the /api/v2/cli/commands REST API to change an Admin password. | 6.5 |
| 2022-11-09 | CVE-2022-43031 | Cross-Site Request Forgery (CSRF) vulnerability in Dedecms 6.1.9 DedeCMS v6.1.9 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add Administrator accounts and modify Admin passwords. | 8.8 |
| 2022-11-09 | CVE-2022-43488 | Cross-Site Request Forgery (CSRF) vulnerability in Algolplus Advanced Dynamic Pricing for Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 on WordPress leading to rule type migration. | 4.3 |
| 2022-11-08 | CVE-2022-27855 | Cross-Site Request Forgery (CSRF) vulnerability in Fatcatapps Analytics CAT Cross-Site Request Forgery (CSRF) vulnerability in Fatcat Apps Analytics Cat plugin <= 1.0.9 on WordPress allows Plugin Settings Change. | 4.3 |
| 2022-11-08 | CVE-2022-32587 | Cross-Site Request Forgery (CSRF) vulnerability in Codeandmore WP Page Widget Cross-Site Request Forgery (CSRF) vulnerability in CodeAndMore WP Page Widget plugin <= 3.9 on WordPress leading to plugin settings change. | 4.3 |
| 2022-11-08 | CVE-2022-38137 | Cross-Site Request Forgery (CSRF) vulnerability in Analytify - Google Analytics Dashboard Cross-Site Request Forgery (CSRF) vulnerability in Analytify plugin <= 4.2.2 on WordPress. | 8.8 |