CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,355 vulnerabilities with CWE-352
CVE-2023-2079
HIGH
Buy Me a Coffee - Button and Widget Plugin <= 3.7 - Cross-Site Request Forgery via Missing Nonce Validation
CVSS 7.1
CVE-2023-37277
CRITICAL
XWiki 1.8-14.10.8 - Cross-Site Request Forgery via REST API
CVSS 9.6
CVE-2023-3579
MEDIUM
HadSky 7.11.8 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-37392
MEDIUM
WP Dummy Content Generator <= 2.3.0 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-36691
MEDIUM
Albert Peschar WebwinkelKeur <= 3.24 - CSRF
CVSS 5.4
CVE-2023-35912
MEDIUM
WP Zone Potent Donations for WooCommerce <= 1.1.9 - CSRF
CVSS 4.3
CVE-2023-28995
MEDIUM
Keith Solomon Configurable Tag Cloud (CTC) <= 5.2 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-28989
MEDIUM
Happy Addons for Elementor <= 3.8.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-28986
MEDIUM
Affiliates Manager <= 2.9.20 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-25478
MEDIUM
Weather Station < 3.8.12 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-24405
MEDIUM
Scott Paterson Contact Form 7 - PayPal & Stripe Add-on <1.9.3 - CSRF
CVSS 5.4
CVE-2023-24395
MEDIUM
Scott Paterson Contact Form 7 Redirect & Thank You Page <1.0.3 - CSRF
CVSS 5.4
CVE-2023-23993
MEDIUM
LionScripts.Com LionScripts: IP Blocker Lite <11.1.1 - CSRF
CVSS 5.4
CVE-2023-23897
MEDIUM
Ozette Plugins Simple Mobile URL Redirect <1.7.2 - CSRF
CVSS 4.3
CVE-2023-23869
MEDIUM
Amit Agarwal Google XML Sitemap for Mobile <= 1.6.1 - CSRF
CVSS 4.3
CVE-2023-23804
MEDIUM
HasThemes HT Feed <= 1.2.7 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-23787
MEDIUM
Premmerce Redirect Manager <= 1.0.9 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-22695
MEDIUM
Custom Field Template <= 2.5.8 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-22694
MEDIUM
BigContact Contact Page <= 1.5.8 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-22673
MEDIUM
MageNet Website Monetization by MageNet <= 1.0.29.1 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-20180
MEDIUM
Cisco Webex Meetings - Unauthenticated Cross-Site Request Forgery
CVSS 4.3
CVE-2023-36256
MEDIUM
Online Examination System Project 1.0 - CSRF
CVSS 6.5
CVE-2023-25201
HIGH
MultiTech Conduit AP MTCAP2-L4E1-868-042A v6.0.0 - Cross-Site Request Forgery via Script Upload
CVSS 8.8
CVE-2023-35120
HIGH
PiiGAB M-Bus 900s Firmware - Cross-Site Request Forgery
CVSS 8.8
CVE-2023-37131
MEDIUM
YznCMS 1.1.0 - Cross-Site Request Forgery in Admin Profile Update
CVSS 6.5
Details
Vulnerabilities
9,355
Exploit Likelihood
Medium