CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,352 vulnerabilities with CWE-352
CVE-2023-45108 MEDIUM
Mailrelay <= 2.1.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45107 MEDIUM
GoodBarber < 1.0.22 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-43148 HIGH
SPA-Cart 1.9.0.3 - Cross-Site Request Forgery
CVSS 8.1
CVE-2023-43149 HIGH
SPA-Cart 1.9.0.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2023-43147 HIGH
PHPJabbers Limo Booking Software 1.0 - CSRF
CVSS 8.8
CVE-2023-45106 MEDIUM
Urvanov Syntax Highlighter <= 2.8.33 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45103 MEDIUM
Permalinks Customizer < 2.8.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45102 MEDIUM
Blog Manager Light <= 1.20 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-41131 MEDIUM
Sp*tify Play Button for WordPress <= 2.10 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-32124 MEDIUM
Publish Confirm Message <= 1.3.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45068 MEDIUM
Supsystic Contact Form by Supsystic <= 1.7.27 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-45063 MEDIUM
AI Content Writing Assistant < 1.1.5 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45060 MEDIUM
Fla-shop Interactive World Map <= 3.2.0 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-45058 MEDIUM
KaizenCoders Short URL <= 1.6.8 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45052 MEDIUM
WP Bing Map Pro < 5.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45048 MEDIUM
Repuso Social proof testimonials and reviews by Repuso plugin <= 5.00 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-45011 MEDIUM
WP Power Stats <= 2.2.3 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-44998 MEDIUM
Category Meta plugin <= 1.2.8 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-45047 HIGH
LeadSquared Suite <= 0.7.4 - Cross-Site Request Forgery Leading to Form Deactivation
CVSS 7.1
CVE-2023-5531 MEDIUM
Thumbnail Slider With Lightbox < 1.0 - Cross-Site Request Forgery via Delete Functionality
CVSS 4.3
CVE-2023-44997 MEDIUM
Nitin Rathod WP Forms Puzzle Captcha <= 4.1 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-5511 HIGH
Snipe-IT < 6.2.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2023-44996 MEDIUM
Naresh Parmar Post View Count <= 1.8.2 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-44995 MEDIUM
WooCommerce Login Redirect <= 2.2.4 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-44994 MEDIUM
Bainternet ShortCodes UI <= 1.9.8 - Cross-Site Request Forgery
CVSS 4.3
Details
Vulnerabilities 9,352
Exploit Likelihood Medium