Show filters
4,815 Total Results
Displaying 381-390 of 4,815
Sort by:
Attacker Value
Unknown

CVE-2024-6662

Disclosure Date: January 10, 2025 (last updated February 27, 2025)
Websites managed by MegaBIP in versions below 5.15 are vulnerable to Cross-Site Request Forgery (CSRF) as the form available under "/edytor/index.php?id=7,7,0" lacks protection mechanisms. A user could be tricked into visiting a malicious website, which would send POST request to this endpoint. If the victim is a logged in administrator, this could lead to creation of new accounts and granting of administrative permissions.
0
0
Attacker Value
Unknown

CVE-2024-13304

Disclosure Date: January 09, 2025 (last updated February 27, 2025)
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Minify JS allows Cross Site Request Forgery.This issue affects Minify JS: from 0.0.0 before 3.0.3.
0
0
Attacker Value
Unknown

CVE-2024-13293

Disclosure Date: January 09, 2025 (last updated February 27, 2025)
Cross-Site Request Forgery (CSRF) vulnerability in Drupal POST File allows Cross Site Request Forgery.This issue affects POST File: from 0.0.0 before 1.0.2.
0
0
Attacker Value
Unknown

CVE-2024-13284

Disclosure Date: January 09, 2025 (last updated February 27, 2025)
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Gutenberg allows Cross Site Request Forgery.This issue affects Gutenberg: from 0.0.0 before 2.13.0, from 3.0.0 before 3.0.5.
0
0
Attacker Value
Unknown

CVE-2024-13261

Disclosure Date: January 09, 2025 (last updated February 27, 2025)
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Acquia DAM allows Cross Site Request Forgery.This issue affects Acquia DAM: from 0.0.0 before 1.0.13, from 1.1.0 before 1.1.0-beta3.
0
0
Attacker Value
Unknown

CVE-2024-13260

Disclosure Date: January 09, 2025 (last updated February 27, 2025)
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Migrate queue importer allows Cross Site Request Forgery.This issue affects Migrate queue importer: from 0.0.0 before 2.1.1.
0
0
Attacker Value
Unknown

CVE-2024-13250

Disclosure Date: January 09, 2025 (last updated February 27, 2025)
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Drupal Symfony Mailer Lite allows Cross Site Request Forgery.This issue affects Drupal Symfony Mailer Lite: from 0.0.0 before 1.0.6.
0
0
Attacker Value
Unknown

CVE-2024-13244

Disclosure Date: January 09, 2025 (last updated February 27, 2025)
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Migrate Tools allows Cross Site Request Forgery.This issue affects Migrate Tools: from 0.0.0 before 6.0.3.
0
0
Attacker Value
Unknown

CVE-2025-22814

Disclosure Date: January 09, 2025 (last updated February 27, 2025)
Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Admin Theme allows Cross Site Request Forgery.This issue affects Zephyr Admin Theme: from n/a through 1.4.1.
0
0
Attacker Value
Unknown

CVE-2024-12605

Disclosure Date: January 09, 2025 (last updated February 27, 2025)
The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3. This is due to missing or incorrect nonce validation on the "al_scribe_content_data" actions. This makes it possible for unauthenticated attackers to update plugin settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
0
0
View More Topics  < Previous  Next >