CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,354 vulnerabilities with CWE-352
CVE-2023-37992
MEDIUM
Smarty for WordPress <= 3.1.35 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-37991
MEDIUM
Monchito.Net WP Emoji One <= 0.6.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-37891
MEDIUM
OptiMonk: Popups, Personalization & A/B Testing <= 2.0.4 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-41086
HIGH
Furuno Systems ACERA Wireless LAN Access Point Firmware - Cross-Site Request Forgery in ST Mode
CVSS 8.8
CVE-2023-4659
CRITICAL
free5gc - Cross-Site Request Forgery via Token Manipulation
CVSS 9.8
CVE-2023-41452
HIGH
phpkobo AjaxNewTicker <1.0.5 - CSRF
CVSS 8.8
CVE-2023-44161
MEDIUM
Acronis Cyber Protect 15 < build 35979 - Cross-Site Request Forgery
CVSS 6.5
CVE-2023-44160
MEDIUM
Acronis Cyber Protect 15 < build 35979 - Cross-Site Request Forgery
CVSS 6.5
CVE-2023-40048
MEDIUM
WS_FTP Server < 8.8.2 - Cross-Site Request Forgery in Server Manager Interface
CVSS 6.8
CVE-2023-35793
HIGH
Cassia Access Controller 2.1.1.2303271039 - Cross-Site Request Forgery in Web SSH Session
CVSS 8.8
CVE-2023-43278
HIGH
Seacms < 12.8 - Cross-Site Request Forgery in admin_manager.php
CVSS 8.8
CVE-2023-42321
HIGH
icmsdev iCMS 7.0.16 - Cross-Site Request Forgery via admincp.php Files
CVSS 8.8
CVE-2023-43502
MEDIUM
Jenkins Build Failure Analyzer Plugin <2.4.1 - CSRF
CVSS 4.3
CVE-2023-43500
HIGH
Jenkins Build Failure Analyzer Plugin <2.4.1 - CSRF
CVSS 8.8
CVE-2023-2508
MEDIUM
PaperCut Mobility Print Server 1.0.3512 - Cross-Site Request Forgery in Printer Discovery Configuration
CVSS 5.3
CVE-2023-39446
HIGH
Socomec Modulys GP Firmware - Cross-Site Request Forgery
CVSS 8.9
CVE-2023-5036
HIGH
memos < 0.15.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2023-42270
HIGH
grocy <= 4.0.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2023-4959
MEDIUM
Quay - Cross-Site Request Forgery in Config-Editor Page
CVSS 6.5
CVE-2023-40868
HIGH
mooSocial Demo - Cross-Site Request Forgery via Delete Account and Deactivate Functions
CVSS 8.8
CVE-2023-39286
MEDIUM
Mitel Connect Mobility Router < 9.6.2307.111 - Unauthenticated Cross-Site Request Forgery
CVSS 4.3
CVE-2023-39285
MEDIUM
Mitel MiVoice Connect < 22.24.7100.0 - Unauthenticated Cross-Site Request Forgery in Edge Gateway
CVSS 4.3
CVE-2023-4916
HIGH
Login with phone number < 1.5.6 - Cross-Site Request Forgery via Missing Nonce Validation
CVSS 8.8
CVE-2023-4869
MEDIUM
SourceCodester Contact Manager App 1.0 - CSRF
CVSS 4.3
CVE-2023-4868
MEDIUM
SourceCodester Contact Manager App 1.0 - CSRF
CVSS 4.3
Details
Vulnerabilities
9,354
Exploit Likelihood
Medium