8 matches found
EUVD-2013-4134
Malware in sbrugna...
CVE-2017-8099
There is CSRF in the WHIZZ plugin before 1.1.1 for WordPress, allowing attackers to delete any WordPress users and change the plugin's status via a GET request...
CVE-2024-6720 Light Poll <= 1.0.0 - Poll Answers Deletion via CSRF
The Light Poll WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
CVE-2023-25014
An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. Missing access checks in the InvitationController allow an unauthenticated user to delete all frontend users...
CVE-2022-1576 WP Maintenance Mode & Coming Soon < 2.4.5 - Subscribed Users Deletion via CSRF
The WP Maintenance Mode & Coming Soon WordPress plugin before 2.4.5 is lacking CSRF when emptying the subscribed users list, which could allow attackers to make a logged in admin perform such action via a CSRF attack...
CVE-2019-20178
Advisto PEEL Shopping 9.2.1 has CSRF via administrer/utilisateurs.php to delete a user...
forkcms 3.2.5 - Multiple Vulnerabilities
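ForkCMS 3.2.5 and earlier versions contain CSRF and reflected XSS vulnerabilities. IBM X-Force confirmed that version 3.2.6 is also affected by the CSRF vulnerability. 1. CSRF: ForkCMS 3.2.5 has a CSRF vulnerability that lets an attacker delete admins/users accounts, delete pages, and escalate privileges when an authorized admin user visits a web page containing the following html/javascript code: 1.1 Delete Admins or Users: CSRF Exploit to delete ADMIN/USER account. Note that the first ID that can be deleted is 2, not 1, because 1 is the super administrator created during installation, called "Fork CMS" (ForkCMS defines...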
Memorial Web Site Script Arbitrary Deletion
Memorial Web Site Script Multiple Arbitrary Delete Vuln. Author : Chip D3 Bi0s Email : chipdebiosalt+64gmail.com Where...