3 matches found
CVE-2016-20054
Nodcms contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious forms. Attackers can trick authenticated administrators into submitting requests to admin/usermanipulate and admin/settings/generall endpoints to...
CVE-2022-1843
The MailPress WordPress plugin through 7.2.1 does not have CSRF checks in various places, which could allow attackers to make a logged in admin change the settings, purge log files and more via CSRF attacks...
Subscribe To Comments Reloaded 140204 - options/index.php Admin Settings Manipulation CSRF
The Subscribe To Comments Reloaded WordPress plugin was affected by an options/index.php Admin Settings Manipulation CSRF security vulnerability...