Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
WordPress CP Polls 1.0.8 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions on behalf of authenticated users. Attackers can craft malicious HTML
Cross-Site Request Forgery (CSRF) vulnerability in ktsvetkov wp-cyr-cho wp-cyr-cho allows Cross Site Request Forgery.This issue affects wp-cyr-cho: from n/a through <= 0.1.
Cross-Site Request Forgery (CSRF) vulnerability in maennchen1.de wpShopGermany IT-RECHT KANZLEI wpshopgermany-it-recht-kanzlei allows Cross Site Request Forgery.This issue affects wpShopGermany IT-REC
Medical Informatics Engineering Enterprise Health has a cross site request forgery vulnerability that allows an unauthenticated attacker to trick administrative users into clicking a crafted URL and p
Cross-Site Request Forgery (CSRF) vulnerability in Quý Lê 91 Administrator Z administrator-z allows Cross Site Request Forgery.This issue affects Administrator Z: from n/a through <= 2026.03.02.
Liman 0.7 contains a cross-site request forgery vulnerability that allows attackers to manipulate user account settings without proper request validation. Attackers can craft malicious HTML forms to c
The VR Calendar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.4.7. This is due to missing or incorrect nonce validation on the syncCalendar()
A Cross-Site Request Forgery (CSRF) in the /mwapi?method=add-user component of Magewell Pro Convert v1.2.213 allows attackers to arbitrarily create accounts via a crafted GET request.
bloofoxCMS 0.5.2.1 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions by tricking logged-in users into visiting malicious pages. Attackers can
The WPFront User Role Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.1. This is due to missing or incorrect nonce validation on the w
Cross-Site Request Forgery (CSRF) vulnerability in Helmut Wandl Advanced Settings advanced-settings allows Cross Site Request Forgery.This issue affects Advanced Settings: from n/a through <= 3.0.1.
Cross-Site Request Forgery (CSRF) vulnerability in mariusz88atelierweb Atelier Create CV atelier-create-cv allows Cross Site Request Forgery.This issue affects Atelier Create CV: from n/a through <= 1
The Webcamconsult plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.0. This is due to missing or incorrect nonce validation on a function. This
Cross-Site Request Forgery (CSRF) vulnerability in AdminGeekZ Varnish WordPress varnish-wp allows Cross Site Request Forgery.This issue affects Varnish WordPress: from n/a through <= 1.7.
The ARK Related Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 2.19. This is due to missing or incorrect nonce validation on the ark_rp_options_page function. This m
Cross Site Request Forgery (CSRF) vulnerability in Smartvista BackOffice SmartVista Suite 2.2.22 via crafted GET request.
Cross-Site Request Forgery (CSRF) vulnerability in Seerox WP Media File Type Manager wp-media-file-type-manager allows Cross Site Request Forgery.This issue affects WP Media File Type Manager: from n/
Cross-Site Request Forgery (CSRF) vulnerability in Required Admin Menu Manager allows Cross Site Request Forgery.This issue affects Admin Menu Manager: from n/a through 1.0.3.
Cross-site request forgery (CSRF) vulnerability in multiple Alps System Integration products and the OEM products allow a remote unauthenticated attacker to hijack the authentication of the user and t
Cross-Site Request Forgery (CSRF) vulnerability in Marsian allows Cross Site Request Forgery.This issue affects i-transform: from n/a through 3.0.9.