CVE-2024-1555 - Bypassing SameSite Cookies in Firefox Using `firefox://` Protocol Handler
CVE-2024-1555 is a significant vulnerability discovered in Mozilla Firefox browsers before version 123. It involves how the browser mistakenly handles SameSite cookie restrictions when routing
CVE-2022-1618 - How a WordPress Plugin Bug Lets Attackers Inject XSS With a Single Click
WordPress plugins power millions of sites. But even a small vulnerability in one can open huge security holes. One recent example is CVE-2022-1618: a critical
CVE-2023-5455 - Understanding the FreeIPA CSRF Vulnerability in `ipa/session/login_password`
In September 2023, security researchers uncovered a Cross-site Request Forgery (CSRF) flaw, designated CVE-2023-5455, affecting all supported versions of FreeIPA. This bug was found in
CVE-2023-51538 - Understanding the Dangerous CSRF Vulnerability in Awesome Support – WordPress HelpDesk & Support Plugin
The world relies more on digital support every day, and WordPress plugins like Awesome Support help businesses deliver that. But sometimes, security bugs slip in.
CVE-2023-48754 - CSRF Vulnerability in Delete Post Revisions for WordPress Explained
CVE-2023-48754 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin called “Delete Post Revisions,” developed by Wap Nepal. This issue impacts all versions