Total
9108 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-4548 | 1 Imageseo | 1 Optimize Images Alt Text \(alt Tag\) \& Names For Seo Using Ai | 2025-04-02 | 6.5 Medium |
| The Optimize images ALT Text & names for SEO using AI WordPress plugin before 2.0.8 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. | ||||
| CVE-2024-32438 | 1 Cleverplugins | 1 Seo Booster | 2025-04-02 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in cleverplugins.Com SEO Booster.This issue affects SEO Booster: from n/a through 3.8.9. | ||||
| CVE-2024-32439 | 1 Switchwp | 1 Wp Client Reports | 2025-04-02 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in SwitchWP WP Client Reports.This issue affects WP Client Reports: from n/a through 1.0.22. | ||||
| CVE-2024-32440 | 1 Asgaros | 1 Asgaros Forum | 2025-04-02 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Thomas Belser Asgaros Forum.This issue affects Asgaros Forum: from n/a through 2.8.0. | ||||
| CVE-2024-32441 | 1 Zoho | 1 Zoho Campaigns | 2025-04-02 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Zoho Campaigns.This issue affects Zoho Campaigns: from n/a through 2.0.7. | ||||
| CVE-2024-32442 | 1 Zoho | 1 Zoho Campaigns | 2025-04-02 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Zoho Campaigns.This issue affects Zoho Campaigns: from n/a through 2.0.7. | ||||
| CVE-2024-32443 | 1 Ip2location | 1 Country Blocker | 2025-04-02 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in IP2Location Download IP2Location Country Blocker.This issue affects Download IP2Location Country Blocker: from n/a through 2.34.2. | ||||
| CVE-2023-24458 | 1 Jenkins | 1 Bearychat | 2025-04-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins BearyChat Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified URL. | ||||
| CVE-2023-24457 | 1 Jenkins | 1 Keycloak Authentication | 2025-04-02 | 6.5 Medium |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account. | ||||
| CVE-2023-24452 | 1 Jenkins | 1 Testquality Updater | 2025-04-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password. | ||||
| CVE-2023-24447 | 1 Jenkins | 1 Rabbitmq Consumer | 2025-04-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers to connect to an attacker-specified AMQP(S) URL using attacker-specified username and password. | ||||
| CVE-2023-24446 | 1 Jenkins | 1 Openid | 2025-04-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins OpenID Plugin 2.4 and earlier allows attackers to trick users into logging in to the attacker's account. | ||||
| CVE-2023-24437 | 1 Jenkins | 1 Jira Pipeline Steps | 2025-04-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||
| CVE-2023-24434 | 1 Jenkins | 1 Github Pull Request Builder | 2025-04-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||
| CVE-2025-27664 | 1 Printerlogic | 2 Vasion Print, Virtual Appliance | 2025-04-01 | 8.8 High |
| Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient CSRF Protection OVE-20230524-0008. | ||||
| CVE-2024-30946 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 5.5 Medium |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/co_do.php. | ||||
| CVE-2024-30965 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 8.8 High |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/member_scores.php. | ||||
| CVE-2024-29684 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 9.8 Critical |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /src/dede/makehtml_homepage.php allowing a remote attacker to execute arbitrary code. | ||||
| CVE-2024-1231 | 1 Cminds | 1 Cm Download Manager | 2025-04-01 | 6.8 Medium |
| The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins unpublish downloads via a CSRF attack | ||||
| CVE-2024-1232 | 1 Cminds | 1 Cm Download Manager | 2025-04-01 | 4.8 Medium |
| The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete downloads via a CSRF attack | ||||