PT-2024-32693 · Tinypng · Tinypng

Name of the Vulnerable Software and Affected Versions: TinyPNG versions prior to 3.4.4 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability in TinyPNG. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application that t...

PT-2024-31869 · Unknown · Hospital Management System

Name of the Vulnerable Software and Affected Versions: kishan0725's Hospital Management System version 6.3.5 Description: A Cross-Site Request Forgery CSRF issue exists, allowing an attacker to craft a malicious HTML form that submits a request to delete a doctor record. By enticing an...

PT-2024-24569 · Switchwp · Wp Client Reports

Name of the Vulnerable Software and Affected Versions: WP Client Reports versions 1.0.22 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability in SwitchWP WP Client Reports. This type of vulnerability allows an attacker to trick a user into performing unintended...

PT-2024-24029 · Creativethemes · Blocksy

Name of the Vulnerable Software and Affected Versions: Blocksy versions 2.0.22 and earlier Description: A Cross-Site Request Forgery CSRF issue affects Creative Themes HQ Blocksy. This issue allows an attacker to perform unintended actions on a user's account. Recommendations: For versions 2.0.22...

PT-2023-32540 · Unknown · Finnj Frontier Post

Name of the Vulnerable Software and Affected Versions: finnj Frontier Post versions n/a through 6.1 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This is a type of attack where an attacker...

PT-2023-24856 · Wpclever · Wpc Smart Wishlist For Woocommerce

Name of the Vulnerable Software and Affected Versions: WPClever WPC Smart Wishlist for WooCommerce plugin versions = 4.7.1 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...

PT-2023-25504 · Salesagility · Salesagility/Suitecrm-Core

Name of the Vulnerable Software and Affected Versions: salesagility/suitecrm-core versions prior to 8.3.1 Description: The issue is related to Cross-Site Request Forgery CSRF in the salesagility/suitecrm-core GitHub repository. This is a type of attack where an attacker tricks a user into...

PT-2023-11615 · Beescms · Beescms

Name of the Vulnerable Software and Affected Versions: beescms version 4 Description: A Cross Site Request Forgery CSRF issue allows attackers to delete the administrator account via a crafted request to "/admin/admin admin.php". This can be exploited by sending a malicious request to the specifi...

PT-2018-13565 · Yfcmf · Yfcmf

Name of the Vulnerable Software and Affected Versions: YFCMF version 3.0 Description: The issue allows for Cross-Site Request Forgery CSRF attacks, enabling an attacker to add an administrator account through the admin/admin/adminsave.html endpoint. Recommendations: For YFCMF version 3.0, conside...