CVE-2026-35555

PowerSYSTEM Center feature for device project groups allows an authenticated user with limited permissions to perform an unauthorized deletion of project groups...

CVE-2024-6024

The ContentLock WordPress plugin through 1.0.3 does not have CSRF check in place when deleting groups or emails, which could allow attackers to make a logged in admin remove them via a CSRF attack...

CVE-2021-24749

The URL Shortify WordPress plugin before 1.5.1 does not have CSRF check in place when bulk-deleting links or groups, which could allow attackers to make a logged in admin delete arbitrary link and group via a CSRF attack...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in index.php in BabbleBoard 1.1.6 allows remote authenticated users to hijack the authentication of administrators for requests that delete 1 categories or 2 groups; 3 ban users; or 4 delete users via the admin page...

CVE-2008-6905

Cross-site request forgery CSRF vulnerability in index.php in BabbleBoard 1.1.6 allows remote authenticated users to hijack the authentication of administrators for requests that delete 1 categories or 2 groups; 3 ban users; or 4 delete users via the admin page...