Show filters
2,723 Total Results
Displaying 181-190 of 2,723
Sort by:
Attacker Value
Unknown

CVE-2023-46775

Disclosure Date: November 06, 2023 (last updated February 25, 2025)
Cross-Site Request Forgery (CSRF) vulnerability in Djo Original texts Yandex WebMaster plugin <= 1.18 versions.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-47182

Disclosure Date: November 06, 2023 (last updated February 25, 2025)
Cross-Site Request Forgery (CSRF) leading to a Stored Cross-Site Scripting (XSS) vulnerability in Nazmul Hossain Nihal Login Screen Manager plugin <= 3.5.2 versions.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-5945

Disclosure Date: November 03, 2023 (last updated February 25, 2025)
The video carousel slider with lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing or incorrect nonce validation on the responsive_video_gallery_with_lightbox_video_management_func() function. This makes it possible for unauthenticated attackers to delete videos hosted from the video slider via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-42027

Disclosure Date: November 03, 2023 (last updated February 25, 2025)
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 266057.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-5899

Disclosure Date: November 01, 2023 (last updated February 25, 2025)
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-5898

Disclosure Date: November 01, 2023 (last updated February 25, 2025)
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-5897

Disclosure Date: November 01, 2023 (last updated February 25, 2025)
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/customLocale prior to 1.2.0-1.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-5893

Disclosure Date: November 01, 2023 (last updated February 25, 2025)
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-43295

Disclosure Date: October 31, 2023 (last updated February 25, 2025)
Cross Site Request Forgery vulnerability in Click Studios (SA) Pty Ltd Passwordstate v.Build 9785 and before allows a local attacker to execute arbitrary code via a crafted request.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-5519

Disclosure Date: October 31, 2023 (last updated February 25, 2025)
The EventPrime WordPress plugin before 3.2.0 does not have CSRF checks when creating bookings, which could allow attackers to make logged in users create unwanted bookings via CSRF attacks.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
View More Topics  < Previous  Next >