CWE-352: Cross-Site Request Forgery (CSRF)

The Stream plugin for WordPress has a Cross-Site Request Forgery vulnerability that allows unauthenticated attackers to trick administrators into perf...

This CSRF vulnerability in SkySystem Arfa-CMS allows attackers to create new administrator accounts by tricking authenticated admin users into visitin...

This CSRF vulnerability in Pligg CMS allows attackers to trick authenticated administrators into performing unauthorized actions by adding domains to ...

Pligg CMS v2.0.2 contains a Cross-Site Request Forgery (CSRF) vulnerability in the admin page editor. This allows attackers to trick authenticated adm...

Pligg CMS v2.0.2 contains a CSRF vulnerability in the admin backup functionality. Attackers can trick authenticated administrators into performing una...

This CSRF vulnerability in Pligg CMS v2.0.2 allows attackers to trick authenticated administrators into performing unauthorized backup operations via ...

This CSRF vulnerability in Pligg CMS allows attackers to trick authenticated administrators into unknowingly installing malicious widgets. Attackers c...

This CSRF vulnerability in Pligg CMS v2.0.2 allows attackers to trick authenticated administrators into performing unauthorized configuration changes ...

Pligg CMS v2.0.2 contains a CSRF vulnerability in the admin editor that allows attackers to trick authenticated administrators into performing unautho...

This CSRF vulnerability in Pligg CMS v2.0.2 allows attackers to trick authenticated administrators into performing unauthorized backup clearing action...

A Cross-Site Request Forgery vulnerability in Warehouse Inventory System v2.0 allows attackers to trick authenticated administrators into performing u...

A Cross-Site Request Forgery vulnerability in Warehouse Inventory System v2.0 allows attackers to trick authenticated users into performing unauthoriz...

A Cross-Site Request Forgery (CSRF) vulnerability in Warehouse Inventory System v2.0 allows attackers to trick authenticated users into performing una...

This CSRF vulnerability in Warehouse Inventory System v2.0 allows attackers to trick authenticated users into performing unauthorized actions, specifi...

A Cross-Site Request Forgery vulnerability in Warehouse Inventory System v2.0 allows attackers to trick authenticated users into performing unauthoriz...

This CSRF vulnerability in Hotel Management System's admin_room_added.php component allows attackers to trick authenticated administrators into perfor...

A Cross-Site Request Forgery vulnerability in the Hotel Management System's admin_room_removed.php component allows attackers to trick authenticated a...

FrogCMS v0.9.5 contains a Cross-Site Request Forgery (CSRF) vulnerability in the layout addition functionality at /admin/?/layout/add. This allows att...

FrogCMS v0.9.5 contains a Cross-Site Request Forgery (CSRF) vulnerability in the snippet deletion functionality. Attackers can trick authenticated adm...

FrogCMS v0.9.5 contains a CSRF vulnerability in the layout deletion endpoint that allows attackers to trick authenticated administrators into performi...

FrogCMS v0.9.5 contains a Cross-Site Request Forgery (CSRF) vulnerability in the layout editing functionality at /admin/?/layout/edit/1. This allows a...

FrogCMS v0.9.5 contains a Cross-Site Request Forgery (CSRF) vulnerability in the page edit functionality at /admin/?/page/edit/10. This allows attacke...

This CSRF vulnerability in Kashipara Live Membership System v1.0 allows attackers to trick authenticated administrators into performing unauthorized a...

The Light Poll WordPress plugin through version 1.0.0 lacks Cross-Site Request Forgery (CSRF) protection on certain endpoints, allowing attackers to t...

This CSRF vulnerability in the Superfly Responsive Menu WordPress plugin allows unauthenticated attackers to delete arbitrary files on affected websit...

This vulnerability in parisneo/lollms-webui allows attackers to perform Cross-Site Request Forgery (CSRF) attacks against binding management endpoints...

This CSRF vulnerability in ELECOM wireless LAN routers allows attackers to trick authenticated administrators into performing unauthorized configurati...

This vulnerability in the PZ Frontend Manager WordPress plugin allows attackers to perform Cross-Site Request Forgery (CSRF) attacks against logged-in...

This CSRF vulnerability in Nepstech Wifi Router xpon (terminal) allows attackers to trick authenticated users into unknowingly changing the admin pass...

This CSRF vulnerability in the wp-cart-for-digital-products WordPress plugin allows attackers to trick logged-in administrators into performing unauth...

The SULly WordPress plugin before version 4.3.1 lacks Cross-Site Request Forgery (CSRF) protection on certain endpoints, allowing attackers to trick a...

The wp-eMember WordPress plugin before version 10.6.6 lacks Cross-Site Request Forgery (CSRF) protection on certain endpoints, allowing attackers to t...

This vulnerability in the ContentLock WordPress plugin allows attackers to trick logged-in administrators into deleting groups or emails without their...

This CSRF vulnerability in the ContentLock WordPress plugin allows attackers to trick authenticated administrators into unknowingly changing plugin se...

This CSRF vulnerability in idccms v1.35 allows attackers to trick authenticated administrators into performing unauthorized database backup operations...

This CSRF vulnerability in idccms v1.35 allows attackers to trick authenticated administrators into performing unauthorized actions, specifically data...

CVE-2024-40334 is a Cross-Site Request Forgery (CSRF) vulnerability in idccms v1.35 that allows attackers to trick authenticated administrators into p...

This CSRF vulnerability in idccms v1.35 allows attackers to trick authenticated administrators into performing unauthorized actions by visiting malici...

This CSRF vulnerability in idccms v1.35 allows attackers to trick authenticated administrators into performing unauthorized actions by visiting malici...

This CSRF vulnerability in the Generate PDF using Contact Form 7 WordPress plugin allows unauthenticated attackers to upload arbitrary files to affect...

CVE-2024-39022 is a Cross-Site Request Forgery vulnerability in idccms v1.35 that allows attackers to trick authenticated administrators into performi...

This Cross-Site Request Forgery (CSRF) vulnerability in the Nested Pages WordPress plugin allows unauthenticated attackers to execute arbitrary PHP fi...

The WPQA Builder WordPress plugin before version 6.1.1 lacks Cross-Site Request Forgery (CSRF) protection on certain endpoints, allowing attackers to ...

CVE-2024-39158 is a Cross-Site Request Forgery vulnerability in idccms v1.35 that allows attackers to trick authenticated administrators into performi...

This CSRF vulnerability in idccms v1.35 allows attackers to trick authenticated administrators into performing unauthorized actions by visiting malici...

This CVE describes a Cross-Site Request Forgery (CSRF) vulnerability in XenForo forum software versions before 2.2.16. Attackers can trick authenticat...

A Cross-Site Request Forgery (CSRF) vulnerability in AutoGPT v0.5.0 allows attackers to execute arbitrary commands on the AutoGPT server by tricking u...

This CSRF vulnerability in idccms v1.35 allows attackers to trick authenticated administrators into performing unauthorized actions by visiting malici...

This CSRF vulnerability in idccms v1.35 allows attackers to trick authenticated administrators into performing unauthorized actions via the admin/type...

This CSRF vulnerability in idccms V1.35 allows attackers to trick authenticated administrators into performing unauthorized actions, specifically dele...