CVE-2026-3601

Summary: CVE-2026-3601 affects the WordPress plugin “User Registration & Membership” (versions

CVE-2024-4874

The Bricks Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.9.8 via the postId parameter due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Contributor-level access and...

PT-2022-26168 · Xwiki · Xwiki Platform

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions prior to 13.10.8 XWiki Platform versions prior to 14.6 Description: The XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The application allows anyone with view...

Design/Logic Flaw

The web interface in Cisco Firepower Management Center 5.4.0 through 6.0.0.1 allows remote authenticated users to modify pages by placing crafted code in a parameter value, aka Bug ID CSCuy76517...

PT-2016-4770 · Cisco · Cisco Firepower Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center versions 5.4.0 through 6.0.0.1 Description: The issue allows remote authenticated users to modify pages by placing crafted code in a parameter value. Recommendations: For versions 5.4.0 through 6.0.0.1,...

WebfolioCMS 1.1.4 Cross Site Request Forgery

+--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : WebfolioCMS = 1.1.4 CSRF Add Admin/Modify Pages Date : 28-02-2012 Author : Ivano Binetti http://ivanobinetti.com Software link :...

WebfolioCMS <= 1.1.4 CSRF (Add Admin/Modify Pages)

Exploit for php platform in category web applications +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : WebfolioCMS = 1.1.4 CSRF Add Admin/Modify Pages Date : 28-02-2012 Author : Ivano Binetti...

WebfolioCMS 1.1.4 - Cross-Site Request Forgery (Add AdminModify Pages)

WebfolioCMS 1.1.4 - Cross-Site Request Forgery Add AdminModify Pages +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : WebfolioCMS = 1.1.4 CSRF Add Admin/Modify Pages Date : 28-02-2012 Author : Ivano...

Cross-site Request Forgery (CSRF) Vulnerabilities in Pragyan CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pragyan CMS which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF vulnerabilities in Pragyan CMS 1.1 The vulnerability exists due to insufficient validation of...

CVE-2009-1434

Cross-site request forgery CSRF vulnerability in Foswiki before 1.0.5 allows remote attackers to hijack the authentication of arbitrary users for requests that modify pages, change permissions, or change group memberships, as demonstrated by a URL for a 1 save or 2 view script in the SRC attribut...