Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

CVEs (9,314)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-10832 - - Jun 17, 2026 Dec 4, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The Posti Shipping plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the account_number and secret_key parameters in all versions up to, and including, 3.10.3 due to insufficient input sanitization...Show more The Posti Shipping plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the account_number and secret_key parameters in all versions up to, and including, 3.10.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.Show less
CVE-2024-41776 1Ibm 1Cognos Controller Jun 17, 2026 Dec 3, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 IBM Cognos Controller 11.0.0 and 11.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVE-2024-53793 - - Jun 17, 2026 Dec 2, 2024 N/A· v4 8.2 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in jerodmoore eDoc Easy Tables edoc-easy-tables allows Blind SQL Injection.This issue affects eDoc Easy Tables: from n/a through <= 1.29.
CVE-2024-53789 - - Jun 17, 2026 Dec 2, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Ritesh Sanap Advanced What should we write next about advanced-what-should-we-write-about-next allows Stored XSS.This issue affects Advanced What should we write next ab...Show more Cross-Site Request Forgery (CSRF) vulnerability in Ritesh Sanap Advanced What should we write next about advanced-what-should-we-write-about-next allows Stored XSS.This issue affects Advanced What should we write next about: from n/a through <= 1.0.3.Show less
CVE-2024-53782 - - Jun 17, 2026 Dec 2, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in cmsaccount Photo Video Store photo-video-store allows Cross-Site Scripting (XSS).This issue affects Photo Video Store: from n/a through <= 21.07.
CVE-2024-53781 - - Jun 17, 2026 Dec 2, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in homejunction SpatialMatch IDX spatialmatch-free-lifestyle-search allows Stored XSS.This issue affects SpatialMatch IDX: from n/a through <= 3.0.9.
CVE-2024-53780 - - Jun 17, 2026 Dec 2, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in rajeevglocify Load More Posts load-more-posts allows Stored XSS.This issue affects Load More Posts: from n/a through <= 1.5.0.
CVE-2024-53779 - - Jun 17, 2026 Dec 2, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in 8bitkid Yahoo! WebPlayer yahoo-media-player allows Stored XSS.This issue affects Yahoo! WebPlayer: from n/a through <= 2.0.6.
CVE-2024-53777 - - Jun 17, 2026 Dec 2, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Alberto Reineri Simple Header and Footer simple-header-and-footer allows Stored XSS.This issue affects Simple Header and Footer: from n/a through <= 1.0.0.
CVE-2024-53776 - - Jun 17, 2026 Dec 2, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in raphaelheide Donate Me donate-me allows Stored XSS.This issue affects Donate Me: from n/a through <= 1.2.5.
CVE-2024-53775 - - Jun 17, 2026 Dec 2, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in benmoreassynt DancePress (TRWA) dancepress-trwa allows Cross Site Request Forgery.This issue affects DancePress (TRWA): from n/a through <= 3.1.11.
CVE-2024-53770 - - Jun 17, 2026 Dec 2, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in pbmacintyre RingCentral Communications rccp-free allows Stored XSS.This issue affects RingCentral Communications: from n/a through <= 1.7.0.
CVE-2024-53769 - - Jun 17, 2026 Dec 2, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in lriaudel Custom Post Type to Map Store cpt-to-map-store allows Stored XSS.This issue affects Custom Post Type to Map Store: from n/a through <= 1.1.0.
CVE-2024-53765 - - Jun 17, 2026 Dec 2, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Think201 Mins To Read mins-to-read allows Stored XSS.This issue affects Mins To Read: from n/a through <= 1.2.2.
CVE-2024-53762 - - Jun 17, 2026 Dec 2, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in FasterThemes FastBook fastbook-responsive-appointment-booking-and-scheduling-system allows Stored XSS.This issue affects FastBook: from n/a through <= 1.1.
CVE-2024-53761 - - Jun 17, 2026 Dec 2, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in P Roy WP Revisions Manager wp-revisions-manager allows Cross Site Request Forgery.This issue affects WP Revisions Manager: from n/a through <= 1.0.2.
CVE-2024-53755 - - Jun 17, 2026 Dec 2, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Andrea Pernici Third Party Cookie Eraser third-party-cookie-eraser allows Stored XSS.This issue affects Third Party Cookie Eraser: from n/a through <= 1.0.2.
CVE-2024-53754 - - Jun 17, 2026 Dec 2, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Irish_Cathal Out Of Stock Badge out-of-stock-badge allows Cross Site Request Forgery.This issue affects Out Of Stock Badge: from n/a through <= 2.0.
CVE-2024-53753 - - Jun 17, 2026 Dec 2, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in CultBooking CultBooking Hotel Booking Engine cultbooking-booking-engine allows Stored XSS.This issue affects CultBooking Hotel Booking Engine: from n/a through <= 2.1.
CVE-2024-53751 1Buildapp 1Build App Online Jun 17, 2026 Dec 2, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in hakeemnala Build App Online build-app-online allows Cross Site Request Forgery.This issue affects Build App Online: from n/a through <= 1.0.23.

Previous 1...131132133...466 Next