#csrf

sentry-javascript provides Sentry SDKs for JavaScript. An unsanitized input of Next.js SDK tunnel endpoint allows sending HTTP requests to arbitrary URLs and reflecting the response back to the user. This issue only affects users who have Next.js SDK tunneling feature enabled. The problem has been fixed in version 7.77.0.

Cross-Site Request Forgery (CSRF) vulnerability in Faraz Quazi Floating Action Button plugin <= 1.2.1 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Igor Benic Simple Giveaways – Grow your business, email lists and traffic with contests plugin <= 2.46.0 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Roland Barker, xnau webdesign Participants Database plugin <= 2.4.9 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Chronosly Chronosly Events Calendar plugin <= 2.6.2 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Daniel Powney Multi Rating plugin <= 5.0.6 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Criss Swaim TPG Redirect plugin <= 1.0.7 versions.

Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin <= 6.0.9.0 versions.

Cross-Site Request Forgery (CSRF) vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin <= 1.6.1 versions.

Cross-Site Request Forgery (CSRF) vulnerability in xtemos WoodMart - Multipurpose WooCommerce Theme <= 7.1.1 versions.