CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,349 vulnerabilities with CWE-352
CVE-2023-51489 MEDIUM
Automattic, Inc. Crowdsignal Dashboard - CSRF
CVSS 5.4
CVE-2023-51407 MEDIUM
Rocket Elements Split Test For Elementor <1.6.9 - CSRF
CVSS 4.3
CVE-2023-51522 MEDIUM
Cozmoslabs Paid Member Subscriptions - CSRF
CVSS 4.3
CVE-2023-51369 MEDIUM
WooCommerce Customize My Account <1.8.3 - CSRF
CVSS 4.3
CVE-2023-50886 MEDIUM
wpWax Legal Pages <= 1.3.7 - Cross-Site Request Forgery and Incorrect Authorization
CVSS 4.3
CVE-2023-51525 MEDIUM
WP Simple Booking Calendar < 2.0.8.4 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-50861 MEDIUM
HUSKY - Products Filter for WooCommerce < 1.3.4.3 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-4731 MEDIUM
Ladipage < 4.4 - CSRF
CVSS 4.3
CVE-2023-4729 MEDIUM
Ladipage < 4.4 - CSRF
CVSS 4.3
CVE-2023-4629 MEDIUM
LadiApp WordPress <4.3 - CSRF
CVSS 4.3
CVE-2023-4628 MEDIUM
LadiApp <4.4 - CSRF
CVSS 4.3
CVE-2023-6326 MEDIUM
Master Slider - WordPress <3.9.3 - CSRF
CVSS 5.4
CVE-2023-52555 MEDIUM
mongo-express 1.0.2 - Cross-Site Request Forgery via Admin Endpoint
CVSS 6.1
CVE-2023-28949 MEDIUM
IBM Engineering Requirements Management DOORS 9.7.2.7 - CSRF
CVSS 6.5
CVE-2023-51696 MEDIUM
CleanTalk Anti-Spam < 6.20 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-51531 MEDIUM
Thrive Automator < 1.17 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-51530 MEDIUM
GS Plugins Logo Slider < 3.5.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-51529 MEDIUM
HasThemes HT Mega - Absolute Addons For Elementor - CSRF
CVSS 4.3
CVE-2023-51528 MEDIUM
Senol Sahin AI Power - CSRF
CVSS 4.3
CVE-2023-48653 MEDIUM
Concrete CMS <8.5.14, 9 <9.2.3 - CSRF
CVSS 4.3
CVE-2023-48651 MEDIUM
Concrete CMS 9.0.0-9.2.2 - Cross-Site Request Forgery via File Delete Dialog
CVSS 4.3
CVE-2023-52047 HIGH
dedecms v5.7.112 - Cross-Site Request Forgery in File Manager
CVSS 8.8
CVE-2023-51533 MEDIUM
Ecwid Ecommerce Shopping Cart <= 6.12.4 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-52226 MEDIUM
Advanced Flamingo < 1.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-52223 MEDIUM
MailerLite - WooCommerce integration < 2.0.8 - Cross-Site Request Forgery
CVSS 5.4
Details
Vulnerabilities 9,349
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits