|Max CVSS||6.8||Min CVSS||3.5||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery (CSRF) vulnerability. This enables an attacker to perform an unwanted action on a wireless router for which the user/admin is currently authenticated, as demonstrated by chang
|16-08-2017 - 01:29||04-04-2017 - 14:59|
There is CSRF in the CopySafe Web Protection plugin before 2.6 for WordPress, allowing attackers to change plugin settings.
|03-05-2017 - 01:59||24-04-2017 - 18:59|
e107 2.1.4 is vulnerable to cross-site request forgery in plugin-installing, meta-changing, and settings-changing. A malicious web page can use forged requests to make e107 download and install a plug-in provided by the attacker.
|29-04-2017 - 18:38||24-04-2017 - 18:59|
There is CSRF in the WHIZZ plugin before 1.1.1 for WordPress, allowing attackers to delete any WordPress users and change the plugin's status via a GET request.
|28-04-2017 - 17:48||24-04-2017 - 18:59|
Stored XSS in Serendipity v2.1-rc1 allows an attacker to steal an admin's cookie and other information by composing a new entry as an editor user. This is related to lack of the serendipity_event_xsstrust plugin and a set_config error in that plugin.
|28-04-2017 - 15:57||24-04-2017 - 18:59|