CWE-352

The BestWebSoft Htaccess plugin through 1.8.1 for WordPress allows wp-admin/admin.php?page=htaccess.php&action=htaccess_editor CSRF. The flag htccss_nonce_name passes the nonce to WordPress but the plugin does not validate it correctly, resulting in a wrong implementation of anti-CSRF protection. In this way, an attacker is able to direct the victim to a malicious web page that modifies the .htaccess file, and takes control of the website.

School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=addadmin CSRF to add an administrative user.

School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=deleteadmin CSRF to delete a user.

Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that leads to admin account takeover via passwordmychange.php.

Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that leads to admin account deletion via userdelete.php.

A CSRF protection bypass vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to get a victim’s browser to send a specifically encoded request without requiring a valid CSRF token.