CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,352 vulnerabilities with CWE-352
CVE-2023-40201
MEDIUM
Futurio Extra <= 1.8.4 - Cross-Site Request Forgery
CVSS 6.5
CVE-2023-40199
MEDIUM
CRUDLab WP Like Button <= 1.7.0 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-40198
MEDIUM
Antsanchez Easy Cookie Law < 3.1 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-40009
MEDIUM
ThimPress WP Pipes <= 1.4.0 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-39159
MEDIUM
theDotstore Fraud Prevention For Woocommerce <2.1.5 - CSRF
CVSS 4.3
CVE-2023-32792
MEDIUM
NXLog Manager 5.6.5633 - Cross-Site Request Forgery
CVSS 6.5
CVE-2023-32791
MEDIUM
NXLog Manager 5.6.5633 - Cross-Site Request Forgery
CVSS 6.5
CVE-2023-40210
MEDIUM
SB Child List < 4.5 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-39989
MEDIUM
Header Footer Code Manager <= 1.1.34 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-39923
MEDIUM
The Post Grid <= 7.2.7 - Cross-Site Request Forgery Leading to CSS Change
CVSS 5.4
CVE-2023-39917
MEDIUM
Photo Gallery by Ays - Responsive Image Gallery <= 5.2.6 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-39165
MEDIUM
Fetch Designs Sign-up Sheets <2.2.8 - CSRF
CVSS 5.4
CVE-2023-2830
MEDIUM
Trustindex.Io WP Testimonials <1.4.2 - CSRF
CVSS 5.4
CVE-2023-25989
MEDIUM
Meks Plugins - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-38398
MEDIUM
Taboola <2.0.1 - CSRF
CVSS 4.3
CVE-2023-38396
MEDIUM
google-map-shortcode <= 3.1.2 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-38390
MEDIUM
Anshul Labs Mobile Address Bar Changer <3.0 - CSRF
CVSS 4.3
CVE-2023-37990
MEDIUM
Perelink Pro < 2.1.4 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-25463
MEDIUM
WP tell a friend popup form <= 7.1 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-24518
MEDIUM
Pandora FMS < 767 - Cross-Site Request Forgery
CVSS 6.7
CVE-2023-38381
MEDIUM
WP-FlyBox <= 6.46 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-37998
MEDIUM
Saas Disabler < 3.0.3 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-37996
MEDIUM
GTmetrix for WordPress <= 0.4.7 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-37992
MEDIUM
Smarty for WordPress <= 3.1.35 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-37991
MEDIUM
Monchito.Net WP Emoji One <= 0.6.0 - Cross-Site Request Forgery
CVSS 4.3
Details
Vulnerabilities
9,352
Exploit Likelihood
Medium