Vulnerabilities > Pyrocms > Pyrocms > 3.7

DATE CVE VULNERABILITY TITLE RISK
2020-10-08 CVE-2020-25263 Cross-Site Request Forgery (CSRF) vulnerability in Pyrocms 3.7
PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the admin/addons/uninstall/anomaly.module.blocks URI: an arbitrary plugin will be deleted.
network
pyrocms CWE-352
5.8
5.8
2020-10-08 CVE-2020-25262 Cross-Site Request Forgery (CSRF) vulnerability in Pyrocms 3.7
PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the admin/pages/delete/ URI: pages will be deleted.
network
pyrocms CWE-352
4.3
4.3