CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,352 vulnerabilities with CWE-352
CVE-2023-45748 MEDIUM
MailMunch MailChimp Forms by MailMunch <= 3.1.4 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45647 MEDIUM
Constant Contact Forms by MailMunch <= 2.0.10 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-45645 MEDIUM
InfoD74 WP Open Street Map <= 1.25 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-45643 MEDIUM
CPT Shortcode Generator <= 1.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45642 MEDIUM
Snap Pixel < 1.5.7 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-45641 MEDIUM
Caret Country Access Limit <= 1.0.2 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-45639 MEDIUM
Codex-m Sort SearchResult By Title <= 10.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45656 MEDIUM
Kevin Weber Lazy Load for Videos <= 2.18.2 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-45655 MEDIUM
PixelGrade PixFields <= 0.7.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45654 MEDIUM
Pixelgrade Comments Ratings <= 1.1.7 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45653 MEDIUM
Galaxy Weblinks Video Playlist For YouTube < 6.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45651 MEDIUM
Marco Milesi WP Attachments <= 5.0.11 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45650 MEDIUM
Fla-shop HTML5 Maps <= 1.7.1.4 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45638 MEDIUM
euPago Eupago Gateway For Woocommerce <= 3.1.9 - Cross-Site Request Forgery
CVSS 6.5
CVE-2023-45629 MEDIUM
wpdevart Gallery - Image and Video Gallery with Thumbnails <= 2.0.3 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-45606 MEDIUM
Lasso Simple URLs <= 120 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45605 MEDIUM
Feed Statistics < 4.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45274 MEDIUM
SendPulse Free Web Push <= 1.3.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45273 MEDIUM
Stout Google Calendar <= 1.2.3 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45276 MEDIUM
Automated Editor < 1.3 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-45270 MEDIUM
Pinpoint Booking System <= 2.9.9.4.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45269 MEDIUM
Simple SEO < 2.0.25 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-45268 MEDIUM
Hitsteps Web Analytics < 5.86 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45267 MEDIUM
IRivYou < 2.2.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45109 MEDIUM
ZAKSTAN WhitePage <= 1.1.5 - Cross-Site Request Forgery
CVSS 5.4
Details
Vulnerabilities 9,352
Exploit Likelihood Medium