WordPress GDReseller plugin <= 1.6 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin GDReseller versions = 1.6...

WordPress Similarity Plugin <= 3.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Similarity Type Plugin Vulnerable versions = 3.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3971 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 9a13b3ce24a3 Credits Bob Matyas Required privilege...

CVE-2020-18409

Cross Site Request Forgery CSRF vulnerability was discovered in CatfishCMS 4.8.63 that would allow attackers to obtain administrator permissions via /index.php/admin/index/modifymanage.html...

Cross site request forgery (csrf)

An issue was discovered in DOYO aka doyocms 2.320140425 update. There is a CSRF vulnerability that can add a super administrator account via admin.php?c=aadminuser&a=add&run=1...

up.time 7.5.0 Superadmin Privilege Escalation Exploit

Exploit for php platform in category web applications i...

CVE-2015-2089

Multiple cross-site request forgery CSRF vulnerabilities in the CrossSlide jQuery crossslide-jquery-plugin-for-wordpress plugin 2.0.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 change plugin settings or conduct cross-site scripting XSS...

Symantec Endpoint Protection Manager XSS and CSRF Vulnerabilities

This host is installed with Symantec Endpoint Protection Manager and is prone to cross site scripting and cross site request forgery vulnerabilities. OpenVAS Vulnerability Test $Id: gbsymantecendpointprotectionxssncsrfvuln.nasl 7044 2017-09-01 11:50:59Z teissa $ Symantec Endpoint Protection Manag...