Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-24 | CVE-2018-14519 | Cross-Site Request Forgery (CSRF) vulnerability in Getkirby Kirby 2.5.12 An issue was discovered in Kirby 2.5.12. | 4.3 |
| 2022-08-23 | CVE-2022-36379 | Cross-Site Request Forgery (CSRF) vulnerability in Yookassa Yukassa for Woocommerce Cross-Site Request Forgery (CSRF) leading to plugin settings update in YooMoney ?Kassa ??? WooCommerce plugin <= 2.3.0 at WordPress. | 8.8 |
| 2022-08-22 | CVE-2022-1251 | Cross-Site Request Forgery (CSRF) vulnerability in Inkthemes ASK ME The Ask me WordPress theme before 6.8.4 does not perform nonce checks when processing POST requests to the Edit Profile page, allowing an attacker to trick a user to change their profile information by sending a crafted request. | 4.3 |
| 2022-08-22 | CVE-2022-2312 | Cross-Site Request Forgery (CSRF) vulnerability in Student Result or Employee Database Project Student Result or Employee Database The Student Result or Employee Database WordPress plugin before 1.7.5 does not have CSRF in its AJAX actions, allowing attackers to make logged in user with a role as low as contributor to add/edit and delete students via CSRF attacks. | 5.4 |
| 2022-08-22 | CVE-2022-35656 | Cross-Site Request Forgery (CSRF) vulnerability in Pega Platform Pega Platform from 8.3 to 8.7.3 vulnerability may allow authenticated security administrators to alter CSRF settings directly. | 4.5 |
| 2022-08-19 | CVE-2022-36224 | Cross-Site Request Forgery (CSRF) vulnerability in Xunruicms 4.5.6 XunRuiCMS V4.5.6 is vulnerable to Cross Site Request Forgery (CSRF). | 8.8 |
| 2022-08-19 | CVE-2022-36225 | Cross-Site Request Forgery (CSRF) vulnerability in Eyoucms 1.5.8 EyouCMS V1.5.8-UTF8-SP1 is vulnerable to Cross Site Request Forgery (CSRF) via the background, column management function and add. | 8.8 |
| 2022-08-19 | CVE-2022-36577 | Cross-Site Request Forgery (CSRF) vulnerability in Jizhicms 2.3.1 An issue was discovered in jizhicms v2.3.1. | 8.8 |
| 2022-08-19 | CVE-2022-36579 | Cross-Site Request Forgery (CSRF) vulnerability in Wellcms 2.2.0 Wellcms 2.2.0 is vulnerable to Cross Site Request Forgery (CSRF). | 8.8 |
| 2022-08-17 | CVE-2022-23765 | Cross-Site Request Forgery (CSRF) vulnerability in Iptime products This vulnerability occured by sending a malicious POST request to a specific page while logged in random user from some family of IPTIME NAS. | 8.8 |