CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,354 vulnerabilities with CWE-352
CVE-2023-4865
MEDIUM
SourceCodester Take-Note App 1.0 - CSRF
CVSS 4.3
CVE-2023-40953
HIGH
idreamsoft icms 7.0.16 - Cross-Site Request Forgery
CVSS 8.8
CVE-2023-41946
LOW
Jenkins Frugal Testing Plugin <= 1.1 - Cross-Site Request Forgery
CVSS 3.5
CVE-2023-41942
MEDIUM
Jenkins AWS CodeCommit Trigger Plugin < 3.0.12 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-41938
MEDIUM
Jenkins Ivy Plugin < 2.5 - Cross-Site Request Forgery
CVSS 6.5
CVE-2023-4059
MEDIUM
Profile Builder < 3.9.8 - Unauthenticated Missing Authorization and CSRF in Page Creation Function
CVSS 4.3
CVE-2023-39372
HIGH
StarTrinity Softswitch 2023-02-16 - Cross-Site Request Forgery
CVSS 8.1
CVE-2023-31174
HIGH
SEL-5037 SEL Grid Configurator <4.5.0.20 - CSRF
CVSS 7.4
CVE-2023-4161
MEDIUM
WooCommerce PDF Invoice Builder <= 1.2.90 - Cross-Site Request Forgery via SaveCustomField Function
CVSS 4.3
CVE-2023-4000
MEDIUM
WordPress One-click countdowns <0.6.2 - CSRF
CVSS 6.3
CVE-2023-3764
MEDIUM
WooCommerce PDF Invoice Builder <= 1.2.90 - Cross-Site Request Forgery via Save Function
CVSS 4.3
CVE-2023-2352
MEDIUM
CHP Ads Block Detector <3.9.4 - CSRF
CVSS 4.3
CVE-2023-2279
MEDIUM
WP Directory Kit <= 1.2.1 - Cross-Site Request Forgery via admin_page_display Function
CVSS 5.4
CVE-2023-3356
MEDIUM
Subscribers Text Counter WP <1.7.1 - CSRF/XSS
CVSS 4.3
CVE-2023-23473
MEDIUM
IBM InfoSphere Information Server 11.7.0.0-11.7.1.0, 11.7.0.0-11.7.1.4 - Cross-Site Request Forgery
CVSS 5.3
CVE-2023-40572
CRITICAL
XWiki < 14.10.9 - Cross-Site Request Forgery via Create Action
CVSS 9.0
CVE-2023-4301
MEDIUM
Jenkins Fortify Plugin <22.1.38 - CSRF
CVSS 4.2
CVE-2023-39061
LOW
Chamilo 1.11-1.11.20 - Authenticated Cross-Site Request Forgery via Admin Account Forum Posts
CVSS 3.5
CVE-2023-4455
MEDIUM
wallabag < 2.6.3 - Cross-Site Request Forgery
CVSS 6.5
CVE-2023-4454
MEDIUM
wallabag < 2.6.3 - Cross-Site Request Forgery
CVSS 5.7
CVE-2023-40172
MEDIUM
fobybus social-media-skeleton < 1.0.5 - Cross-Site Request Forgery
CVSS 6.5
CVE-2023-31218
HIGH
Pluginus Wolf - Wordpress Posts Bulk Editor And Products Manager Professional < 1.0.7 - CSRF
CVSS 7.1
CVE-2023-20221
MEDIUM
Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware - Cross-Site Request Forgery
CVSS 6.5
CVE-2023-40351
MEDIUM
Jenkins Favorite View Plugin < 5.v77a_37f62782d - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-40341
HIGH
Jenkins Blue Ocean < 1.27.5 - Cross-Site Request Forgery
CVSS 8.8
Details
Vulnerabilities
9,354
Exploit Likelihood
Medium