CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,347 vulnerabilities with CWE-352
CVE-2024-32449 MEDIUM
MagniGenie RestroPress <3.1.2 - CSRF
CVSS 5.4
CVE-2024-32448 MEDIUM
VideoYield.Com Ads.Txt Admin - CSRF
CVSS 4.3
CVE-2024-32447 MEDIUM
AWP Classifieds < 4.3.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2024-32446 MEDIUM
WP Swings Wallet System <2.5.9 - CSRF
CVSS 5.4
CVE-2024-32445 MEDIUM
Saleswonder Team WebinarIgnition <3.05.8 - CSRF
CVSS 5.4
CVE-2024-32443 MEDIUM
IP2Location Country Blocker <2.34.2 - CSRF
CVSS 4.3
CVE-2024-32442 MEDIUM
Zoho Campaigns < 2.0.7 - Cross-Site Request Forgery
CVSS 4.3
CVE-2024-32441 MEDIUM
Zoho Campaigns < 2.0.7 - Cross-Site Request Forgery
CVSS 4.3
CVE-2024-32440 MEDIUM
Asgaros Forum < 2.8.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2024-32439 MEDIUM
SwitchWP WP Client Reports <1.0.22 - CSRF
CVSS 4.3
CVE-2024-32438 MEDIUM
cleverplugins Com SEO Booster <3.8.9 - CSRF
CVSS 4.3
CVE-2024-32082 HIGH
kp4coder Sync Post With Other Site <1.5.1 - CSRF/XSS
CVSS 7.1
CVE-2024-31093 HIGH
Kaloyan K. Tsvetkov Broken Images <0.3 - CSRF/XSS
CVSS 7.1
CVE-2024-31086 HIGH
Change default login logo,url and title <= 2.0 - Cross-Site Request Forgery to Cross-Site Scripting
CVSS 7.1
CVE-2024-30545 HIGH
Nick Powers Social Author Bio <2.4 - CSRF
CVSS 7.1
CVE-2024-2858 MEDIUM
Simple Buttons Creator < 1.04 - Cross-Site Request Forgery
CVSS 4.8
CVE-2024-2857 MEDIUM
Simple Buttons Creator < 1.04 - Unauthenticated Stored Cross-Site Scripting and Cross-Site Request Forgery
CVSS 6.1
CVE-2024-2739 HIGH
Advanced Search WordPress Plugin <= 1.1.6 - Cross-Site Request Forgery
CVSS 8.7
CVE-2024-1306 MEDIUM
Smart Forms < 2.6.94 - Cross-Site Request Forgery
CVSS 5.4
CVE-2024-31364 MEDIUM
ELEXtensions ELEX WooCommerce Dynamic Pricing and Discounts <2.1.2 ...
CVSS 4.3
CVE-2024-31363 MEDIUM
LifterLMS < 7.5.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2024-31362 MEDIUM
ProfileGrid < 5.7.8 - Cross-Site Request Forgery
CVSS 4.3
CVE-2024-31360 MEDIUM
Benchmark Email Lite < 4.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2024-31354 MEDIUM
Tribulant Slideshow Gallery <1.7.8 - CSRF
CVSS 4.3
CVE-2024-31305 MEDIUM
rtCamp Transcoder <= 1.3.5 - Cross-Site Request Forgery
CVSS 4.3
Details
Vulnerabilities 9,347
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits