CSRF - CVE CyberSecurity Database News (Page 22)

Nov 22, 2023 CSRF WordPress Exploit PHP PeepSo Download Community by PeepSo

CVE-2023-39925 - Unpacking a CSRF Vulnerability in PeepSo Download Community (<= 6.1.6.) — What You Need To Know

*PeepSo Download Community* by PeepSo is a popular WordPress plugin that adds social networking features to websites. However, security researchers recently discovered a Cross-Site Request

Nov 22, 2023 CSRF WordPress Infinite Uploads Big File Uploads – Increase Maximum File Upload Size

CVE-2023-47792 - How a CSRF Flaw in Big File Uploads Plugin Could Let Attackers Change Your WordPress Settings

If you use WordPress to run your website, you probably know how hard it can be to upload large files. That’s where plugins like

Nov 22, 2023 CSRF WordPress funnelforms Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free

CVE-2023-5383 - Exploiting WordPress Funnelforms Free Plugin CSRF Vulnerability (Versions ≤ 3.4)

--- Published: June 2024 Affected Plugin: Funnelforms Free (≤ 3.4) Vulnerability: Cross-Site Request Forgery (CSRF) CVE: CVE-2023-5383 Severity: Medium Impact: Unauthorized copying of arbitrary posts

Nov 22, 2023 CSRF WordPress Exploit funnelforms Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free

CVE-2023-5382 - How a Simple CSRF Bug Could Let Attackers Delete Your WordPress Posts via Funnelforms Free

--- Summary: A Cross-Site Request Forgery (CSRF) vulnerability has been discovered in the popular Funnelforms Free WordPress plugin, affecting versions up to and including 3.

Nov 22, 2023 CSRF XSS WordPress jonashjalmarsson HTML filter and csv-file search

CVE-2023-5096 - Stored XSS in WordPress “HTML filter and csv-file search” Plugin – How it Works and Exploit Example

If you’re running the popular HTML filter and csv-file search WordPress plugin (csvfilter-search), version 2.7 or lower, your site is vulnerable to a