Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
csrf vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3476
The Side Menu Lite WordPress plugin prior to 4.2.1 does not have CSRF checks in some bulk actions, which could allow malicious users to make logged in admins perform unwanted actions, such as deleting buttons via CSRF attacks
NA
CVE-2024-3477
The Popup Box WordPress plugin prior to 2.2.7 does not have CSRF checks in some bulk actions, which could allow malicious users to make logged in admins perform unwanted actions, such as deleting popups via CSRF attacks
NA
CVE-2024-2405
The Float menu WordPress plugin prior to 6.0.1 does not have CSRF check in its bulk actions, which could allow malicious users to make logged in admin delete arbitrary menu via a CSRF attack.
NA
CVE-2024-23597
Cross-site request forgery (CSRF) vulnerability exists in TvRock 0.9t8a. If a logged-in user of TVRock accesses a specially crafted page, unintended operations may be performed. Note that the developer was unreachable, therefore, users should consider stop using TvRock 0.9t8a.
NA
CVE-2024-4225
Multiple security vulnerabilities has been discovered in web interface of NetGuardian DIN Remote Telemetry Unit (RTU), by DPS Telecom. Attackers can exploit those security vulnerabilities to perform critical actions such as escalate user's privilege, steal user's creden...
NA
CVE-2024-33632
Cross-Site Request Forgery (CSRF) vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue affects Piotnet Addons For Elementor Pro: from n/a up to and including 7.1.17.
NA
CVE-2024-33681
Cross-Site Request Forgery (CSRF) vulnerability in Sandor Kovacs Regenerate post permalink allows Cross-Site Scripting (XSS).This issue affects Regenerate post permalink: from n/a up to and including 1.0.3.
NA
CVE-2024-33646
Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Sticky Anything allows Cross-Site Scripting (XSS).This issue affects Sticky Anything: from n/a up to and including 2.1.5.
NA
CVE-2024-3076
The MM-email2image WordPress plugin up to and including 0.2.5 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow malicious users to make logged in admin add Stored XSS payloads via a CSRF attack
NA
CVE-2024-33688
Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes Teluro.This issue affects Teluro: from n/a up to and including 1.0.31.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »