PT-2025-26334 · Unknown · Oganro Travel Portal Search Widget

Name of the Vulnerable Software and Affected Versions: Oganro Travel Portal Search Widget for HotelBeds APITUDE API versions 1.0 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Cross Site Request Forgery. Recommendations: For Oganro Travel Portal...

PT-2025-24185 · Unknown · Alessandro Piconi Simple Keyword To Link

Name of the Vulnerable Software and Affected Versions: Alessandro Piconi Simple Keyword to Link versions 1.5 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This is a type of attac...

PT-2025-5253 · Anyroad · Anyroad

Name of the Vulnerable Software and Affected Versions: AnyRoad versions 1.3.2 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF problem, which affects AnyRoad. This allows for Cross Site Request Forgery. Recommendations: For versions 1.3.2 and earlier, update to a...

PT-2024-27744 · Sunbird Dcim · Dctrack

Name of the Vulnerable Software and Affected Versions: Sunbird DCIM dcTrack version 9.1.2 Description: A Cross-Site Request Forgery CSRF issue allows authenticated attackers to escalate their privileges by forcing an Administrator user to perform sensitive requests in some admin screens. This can...

PT-2024-4823 · Ibm · Ibm Infosphere Information Server

Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue is related to cross-site request forgery, which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. This...

PT-2023-23886 · WordPress · Designs & Code Forget About Shortcode Buttons

Name of the Vulnerable Software and Affected Versions: Designs & Code Forget About Shortcode Buttons plugin versions = 2.1.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions ...

PT-2023-29902 · WordPress · Jeff Sherk Auto Login New User After Registration

Name of the Vulnerable Software and Affected Versions: Jeff Sherk Auto Login New User After Registration plugin versions = 1.9.6 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing...

PT-2023-29251 · Unknown · Bernhard Kau Backend Localization Plugin

Name of the Vulnerable Software and Affected Versions: Bernhard Kau Backend Localization plugin versions = 2.1.10 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions ...

PT-2023-25145 · WordPress · Mycred

Name of the Vulnerable Software and Affected Versions: myCred plugin versions = 2.5 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application that the...

PT-2023-25943 · WordPress · Wpmobilepack.Com Wordpress Mobile Pack – Mobile Plugin For Progressive Web Apps & Hybrid Mobile Apps

Name of the Vulnerable Software and Affected Versions: WPMobilePack.Com WordPress Mobile Pack – Mobile Plugin for Progressive Web Apps & Hybrid Mobile Apps plugin versions = 3.4.1 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user in...

PT-2023-24286 · Unknown · Smart App Banner

Name of the Vulnerable Software and Affected Versions: Smart App Banner plugin versions 1.1.2 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...

PT-2023-14587 · WordPress · Webmat Flexible Elementor Panel

Name of the Vulnerable Software and Affected Versions: WebMat Flexible Elementor Panel plugin versions = 2.3.8 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on ...

PT-2022-28137 · Unknown · Usememos/Memos

Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue is related to Cross-Site Request Forgery CSRF in the GitHub repository usememos/memos. CSRF is an attack that tricks the victim into performing unintended actions on a web...

PT-2020-12150 · Chadha · Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to add a new category via a crafted request, exploiting a CSRF weakness in the admin/add-category.php file. Recommendations: For version 9, consider...

PT-2018-9819 · Wuzhi · Wuzhi Cms

Name of the Vulnerable Software and Affected Versions: WUZHI CMS version 4.1.0 Description: The issue allows for a CSRF attack to change the password of a common member. This is possible through the "index.php?m=member&v=pw reset" endpoint, which is vulnerable to such attacks. Recommendations: Fo...