Total
6248 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-44997 | 1 Nitinrathod | 1 Wp Forms Puzzle Captcha | 2024-09-17 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Nitin Rathod WP Forms Puzzle Captcha plugin <= 4.1 versions. | ||||
| CVE-2023-45047 | 1 Leadsquared | 1 Leadsquared Suite | 2024-09-17 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in LeadSquared, Inc LeadSquared Suite plugin <= 0.7.4 versions. | ||||
| CVE-2023-32124 | 1 Arulprasadj | 1 Publish Confirm Message | 2024-09-17 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Arul Prasad J Publish Confirm Message plugin <= 1.3.1 versions. | ||||
| CVE-2023-45102 | 1 Otwthemes | 1 Blog Manager Light | 2024-09-17 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Blog Manager Light plugin <= 1.20 versions. | ||||
| CVE-2024-5815 | 1 Github | 1 Enterprise Server | 2024-09-17 | 6.5 Medium |
| A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations on a victim-owned repository by exploiting incorrect request types. A mitigating factor is that the attacker would have to be a trusted GitHub Enterprise Server user, and the victim would have to visit a tag in the attacker's fork of their own repository. vulnerability affected all versions of GitHub Enterprise Server prior 3.14 and was fixed in version 3.13.1, 3.12.6, 3.11.12, 3.10.14, and 3.9.17. This vulnerability was reported via the GitHub Bug Bounty program. | ||||
| CVE-2023-43118 | 1 Extremenetworks | 1 Exos | 2024-09-17 | 8.8 High |
| Cross Site Request Forgery (CSRF) vulnerability in Chalet application in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API. | ||||
| CVE-2023-44998 | 1 Randyhoyt | 1 Category Meta | 2024-09-17 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in josecoelho, Randy Hoyt, steveclarkcouk, Vitaliy Kukin, Eric Le Bail, Tom Ransom Category Meta plugin plugin <= 1.2.8 versions. | ||||
| CVE-2023-45011 | 1 Websivu | 1 Wp Power Stats | 2024-09-17 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Igor Buyanov WP Power Stats plugin <= 2.2.3 versions. | ||||
| CVE-2023-45048 | 1 Repuso | 1 Repuso | 2024-09-17 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Repuso Social proof testimonials and reviews by Repuso plugin <= 5.00 versions. | ||||
| CVE-2023-45058 | 1 Kaizencoders | 1 Short Url | 2024-09-17 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in KaizenCoders Short URL plugin <= 1.6.8 versions. | ||||
| CVE-2023-45060 | 1 Fla-shop | 1 Interactive World Map | 2024-09-17 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Fla-shop.Com Interactive World Map plugin <= 3.2.0 versions. | ||||
| CVE-2023-45063 | 1 Rayhan1 | 1 Ai Content Writing Assistant | 2024-09-17 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ReCorp AI Content Writing Assistant (Content Writer, GPT 3 & 4, ChatGPT, Image Generator) All in One plugin <= 1.1.5 versions. | ||||
| CVE-2023-45068 | 1 Supsystic | 1 Contact Form | 2024-09-17 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Contact Form by Supsystic plugin <= 1.7.27 versions. | ||||
| CVE-2010-2151 | 1 Fujitsu | 1 E-pares | 2024-09-17 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20, L30, and L40 allows remote attackers to hijack the authentication of users for requests that modify "facility reservation data" via unknown vectors. | ||||
| CVE-2013-3690 | 1 Brickom | 7 100ap Device Firmware, Fb-100ap, Md-100ap and 4 more | 2024-09-17 | N/A |
| Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add users. | ||||
| CVE-2022-40623 | 1 Wavlink | 2 Wn531g3, Wn531g3 Firmware | 2024-09-17 | 8.8 High |
| The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 does not utilize anti-CSRF tokens, which, when combined with other issues (such as CVE-2022-35518), can lead to remote, unauthenticated command execution. | ||||
| CVE-2014-9099 | 1 Whydowork Adsense Project | 1 Whydowork Adsense | 2024-09-17 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the WhyDoWork AdSense plugin 1.2 for WordPress allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via a request to the whydowork_adsense page in wp-admin/options-general.php. | ||||
| CVE-2013-7346 | 1 Getsymphony | 1 Symphony | 2024-09-17 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Symphony CMS before 2.3.2 allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the sort parameter to system/authors/, related to CVE-2013-2559. | ||||
| CVE-2011-1325 | 1 Lockon | 1 Ec-cube | 2024-09-17 | N/A |
| Cross-site request forgery (CSRF) vulnerability in EC-CUBE before 2.11.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2018-11680 | 1 Cmseasy | 1 Cmseasy | 2024-09-17 | N/A |
| An issue was discovered in CmsEasy 6.1_20180508. There is a CSRF vulnerability in the rich text editor that can add an IFRAME element. This might be used in a DoS attack if a referenced remote URL is refreshed at a rapid rate. | ||||