CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,352 vulnerabilities with CWE-352
CVE-2023-29235 MEDIUM
Fugu Maintenance Switch <1.5.2 - CSRF
CVSS 5.4
CVE-2023-28791 MEDIUM
Gangesh Matta Simple Org Chart <2.3.4 - CSRF
CVSS 4.3
CVE-2023-40671 MEDIUM
DX-auto-save-images <= 1.4.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-40008 MEDIUM
Simple Org Chart <= 2.3.4 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-27615 MEDIUM
Dipak C. Gajjar WP Super Minify <= 1.5.1 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-27448 MEDIUM
MakeStories for Google Web Stories <= 2.8.0 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-25480 MEDIUM
BoldGrid Post and Page Builder <= 1.24.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-25033 MEDIUM
Sumo Social Share Boost <= 4.5 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-40556 MEDIUM
Greg Ross Schedule Posts Calendar <5.2 - CSRF
CVSS 4.3
CVE-2023-40559 MEDIUM
TheDotstore Dynamic Pricing & Discount Rules - CSRF
CVSS 4.3
CVE-2023-40561 MEDIUM
Enhanced Ecommerce Google Analytics for WooCommerce <= 3.7.1 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-27433 MEDIUM
Make Paths Relative < 1.3.0 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-25025 MEDIUM
WP-CopyProtect [Protect your blog posts] <= 3.1.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-37995 MEDIUM
WP-CopyProtect <= 3.1.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-25980 MEDIUM
Optimize Database after Deleting Revisions <= 5.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-25788 MEDIUM
Saphali Woocommerce Lite <= 1.8.13 - Cross-Site Request Forgery
CVSS 6.3
CVE-2023-25489 MEDIUM
Update Theme and Plugins from Zip File <= 2.0.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-41693 MEDIUM
MyCryptoCheckout <= 2.125 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-41244 MEDIUM
Buildfail Localize Remote Images <1.0.9 - CSRF
CVSS 4.3
CVE-2023-40558 MEDIUM
eMarket Design YouTube Video Gallery by YouTube Showcase <= 3.3.5 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-39158 MEDIUM
TheDotstore Banner Management For WooCommerce <= 2.4.2 - CSRF
CVSS 4.3
CVE-2023-32091 MEDIUM
POEditor < 0.9.4 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-27435 MEDIUM
Sami Ahmed Siddiqui HTTP Auth <= 0.3.2 - Cross-Site Request Forgery
CVSS 6.3
CVE-2023-40212 MEDIUM
Product Attachment for WooCommerce <= 2.1.8 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-40202 MEDIUM
WP HTML Mail <= 3.4.1 - Cross-Site Request Forgery
CVSS 5.4
Details
Vulnerabilities 9,352
Exploit Likelihood Medium