CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,355 vulnerabilities with CWE-352
CVE-2023-2416 MEDIUM
WordPress vcita <= 4.5 - Cross-Site Request Forgery via vcita_logout_callback
CVSS 5.4
CVE-2023-2407 MEDIUM
Event Registration Calendar By vcita <= 3.10.0 & Online Payments < 1.3.1 - Cross-Site Request Forgery
CVSS 6.1
CVE-2023-2405 MEDIUM
CRM and Lead Management by vcita <= 2.7.0 - Cross-Site Request Forgery via Missing Nonce Validation
CVSS 6.1
CVE-2023-2303 MEDIUM
vcita WordPress Plugin <2.6.4 - CSRF
CVSS 6.1
CVE-2023-2301 MEDIUM
Contact Form Builder by vcita <= 4.10.3 - Cross-Site Request Forgery via ls_parse_vcita_callback
CVSS 6.1
CVE-2023-3055 MEDIUM
WordPress Page Builder by AZEXO <1.27.133 - CSRF
CVSS 6.1
CVE-2023-3052 MEDIUM
The Page Builder by AZEXO <1.27.133 - CSRF
CVSS 6.3
CVE-2023-3075 MEDIUM
corebos < 8.0 - Cross-Site Request Forgery
CVSS 6.5
CVE-2023-3029 MEDIUM
Guangdong Pythagorean OA Office System <4.50.31 - CSRF
CVSS 4.3
CVE-2023-2549 HIGH
Feather Login Page 1.0.7-1.1.1 - Cross-Site Request Forgery via createTempAccountLink
CVSS 8.8
CVE-2023-33926 HIGH
Supsystic Easy Google Maps <1.11.7 - CSRF
CVSS 7.1
CVE-2023-33316 MEDIUM
WooCommerce Follow-Up Emails (AutomateWoo) <= 4.9.40 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-33313 MEDIUM
ThemeinProgress WIP Custom Login <1.2.9 - CSRF
CVSS 4.3
CVE-2023-33931 MEDIUM
YouTube Playlist Player <4.6.4 - CSRF
CVSS 4.3
CVE-2023-33315 MEDIUM
Smart App Banner <= 1.1.2 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-33314 MEDIUM
BEAR - Cross-Site Request Forgery
CVSS 6.5
CVE-2023-33212 MEDIUM
Crocoblock JetFormBuilder <= 3.0.6 - CSRF
CVSS 4.3
CVE-2023-32964 MEDIUM
Better Notifications for WP <= 1.9.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-25467 MEDIUM
Resize at Upload Plus <= 1.3 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-25058 MEDIUM
Brainstorm Force Schema - All In One Schema Rich Snippets <= 1.6.5 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-25034 MEDIUM
BoLiQuan WP Clean Up <= 1.2.3 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-25470 MEDIUM
Rus-To-Lat < 0.3 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-25029 MEDIUM
WP Social Bookmarking Light <= 2.0.7 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-25038 MEDIUM
984.ru For the visually impaired <= 0.58 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-24008 MEDIUM
yonifre Maspik - Spam Blacklist <0.7.8 - CSRF
CVSS 4.3
Details
Vulnerabilities 9,355
Exploit Likelihood Medium