CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,347 vulnerabilities with CWE-352
CVE-2024-2960 MEDIUM
SVS Pricing Tables <= 1.0.4 - Cross-Site Request Forgery via deletePricingTable()
CVSS 4.3
CVE-2024-2959 MEDIUM
SVS Pricing Tables <= 1.0.4 - Cross-Site Request Forgery via savePricingTable() Function
CVSS 4.3
CVE-2024-1416 MEDIUM
Responsive Contact Form Builder & Lead Generation Plugin <2.0 - Pri...
CVSS 4.3
CVE-2024-1415 MEDIUM
Responsive Contact Form Builder & Lead Generation Plugin <1.8.9 - CSRF
CVSS 4.3
CVE-2024-0847 MEDIUM
5280 Bootstrap Modal Contact Form <1.0 - CSRF
CVSS 4.3
CVE-2024-0613 MEDIUM
WordPress Delete Custom Fields <0.3.1 - CSRF
CVSS 6.1
CVE-2024-4128 LOW
Firebase Command Line Interface < 13.6.0 - Cross-Site Request Forgery via Export Endpoint
CVSS 2.6
CVE-2024-33913 CRITICAL
Xserver Migrator <= 1.6.1 - Cross-Site Request Forgery to Arbitrary File Upload
CVSS 9.6
CVE-2024-3481 MEDIUM
Counter Box < 1.2.4 - Cross-Site Request Forgery in Bulk Actions
CVSS 5.2
CVE-2024-3478 MEDIUM
Herd Effects < 5.2.7 - Cross-Site Request Forgery in Bulk Actions
CVSS 6.1
CVE-2024-3477 MEDIUM
Popup Box < 2.2.7 - Cross-Site Request Forgery in Bulk Actions
CVSS 4.3
CVE-2024-3476 HIGH
Side Menu Lite < 4.2.1 - Cross-Site Request Forgery in Bulk Actions
CVSS 8.8
CVE-2024-3475 HIGH
Sticky Buttons < 3.2.4 - Cross-Site Request Forgery in Bulk Actions
CVSS 7.5
CVE-2024-3474 HIGH
Wow Skype Buttons < 4.0.4 - Cross-Site Request Forgery in Bulk Actions
CVSS 8.8
CVE-2024-3472 MEDIUM
Modal Window < 5.3.10 - Cross-Site Request Forgery via Bulk Delete Action
CVSS 5.9
CVE-2024-3471 LOW
Button Generator < 3.0 - Cross-Site Request Forgery via Bulk Delete Action
CVSS 3.4
CVE-2024-2405 MEDIUM
Float menu < 6.0.1 - Cross-Site Request Forgery in Bulk Actions
CVSS 4.5
CVE-2024-23597 MEDIUM
TvRock 0.9t8a - Cross-Site Request Forgery
CVSS 4.3
CVE-2024-33449 CRITICAL
PDFMyURL - Server-Side Request Forgery via URL Parameter
CVSS 9.8
CVE-2024-33681 HIGH
Regenerate post permalink <= 1.0.3 - Cross-Site Request Forgery
CVSS 7.1
CVE-2024-33632 MEDIUM
Piotnet Addons For Elementor Pro <7.1.17 - CSRF
CVSS 5.4
CVE-2024-33646 HIGH
Toast Plugins Sticky Anything <2.1.5 - CSRF/XSS
CVSS 7.1
CVE-2024-3076 LOW
MM-email2image < 0.2.5 - Cross-Site Request Forgery and Stored Cross-Site Scripting
CVSS 3.8
CVE-2024-33691 MEDIUM
OptinMonster < 2.15.3 - Cross-Site Request Forgery via Notice Dismissal
CVSS 4.3
CVE-2024-33690 MEDIUM
Financio < 1.1.3 - Cross-Site Request Forgery
CVSS 4.3
Details
Vulnerabilities 9,347
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits