CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,352 vulnerabilities with CWE-352
CVE-2023-44476 MEDIUM
CopyRightPro <= 2.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-44475 MEDIUM
Add Shortcodes Actions And Filters < 2.0.9 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-44471 MEDIUM
Backend Localization < 2.1.10 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-44470 MEDIUM
Kvvaradha Kv TinyMCE Editor Add Fonts <= 1.1 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-44241 MEDIUM
Keap Landing Pages <= 1.4.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-5498 MEDIUM
chiefonboarding < 2.0.47 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-4837 HIGH
SmodBIP - Cross-Site Request Forgery
CVSS 8.8
CVE-2023-44261 MEDIUM
Dinesh Karki Block Plugin Update <= 3.3 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-44259 MEDIUM
Mediavine Control Panel <= 2.10.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-44257 MEDIUM
Hometory Mang Board WP <= 1.7.6 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-41876 MEDIUM
WP Gallery Metabox <= 1.0.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-41858 MEDIUM
Order Delivery Date for WP e-Commerce <= 1.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-41854 MEDIUM
wpCentral <= 1.5.7 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-41853 MEDIUM
WP iCal Availability <= 1.0.3 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-41852 MEDIUM
MailMunch - Grow your Email List <= 3.1.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-41851 MEDIUM
Dotsquares WP Custom Post Template <= 1.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-41850 MEDIUM
Outbound Link Manager <= 1.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-41730 MEDIUM
SendPress Newsletters <= 1.22.3.31 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-41697 MEDIUM
Easy WP Cleaner <= 1.9 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-41694 MEDIUM
Realbig For WordPress <= 1.0.3 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-41684 MEDIUM
Felix Welberg SIS Handball <= 1.0.45 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-44811 HIGH
MooSocial 3.1.8 - Cross-Site Request Forgery via Admin Password Change Function
CVSS 8.8
CVE-2023-41672 MEDIUM
Hide admin notices - Admin Notification Center <=2.3.2 - CSRF
CVSS 4.3
CVE-2023-41670 MEDIUM
Use Memcached <= 1.0.4 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-41669 MEDIUM
DAEXT Live News < 1.06 - Cross-Site Request Forgery
CVSS 4.3
Details
Vulnerabilities 9,352
Exploit Likelihood Medium