CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,357 vulnerabilities with CWE-352
CVE-2023-23797
MEDIUM
SecondLineThemes Auto YouTube Importer <= 1.0.3 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-23813
MEDIUM
My Calendar <= 3.4.3 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-23712
MEDIUM
User Meta Manager <= 3.4.9 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-23680
MEDIUM
WP-TopBar < 5.36 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-22714
MEDIUM
Supsystic Coming Soon by Supsystic <= 1.7.10 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-22709
MEDIUM
SRS Simple Hits Counter <= 1.1.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-22692
MEDIUM
Name Directory < 1.27.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-22688
MEDIUM
Abdul Ibad WP Tabs Slides <= 2.0.3 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-32589
MEDIUM
PingOnline Dyslexiefont Free <= 1.0.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-24414
MEDIUM
RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery <= 3.2.11 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-23890
HIGH
LJ Apps WP Airbnb Review Slider <3.2 - CSRF
CVSS 7.1
CVE-2023-22689
MEDIUM
Auto Affiliate Links <= 6.3 - Cross-Site Request Forgery
CVSS 4.6
CVE-2023-2736
HIGH
Groundhogg <= 2.7.9.8 - Cross-Site Request Forgery via ajax_edit_contact Function
CVSS 7.5
CVE-2023-2717
MEDIUM
Groundhogg <= 2.7.9.8 - Cross-Site Request Forgery via Missing Nonce Validation
CVSS 5.4
CVE-2023-27430
MEDIUM
Ramon Fincken Mass Delete Unused Tags <= 2.0.0 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-27423
MEDIUM
Ramon Fincken Auto Prune Posts <= 1.8.0 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-25698
MEDIUM
Studio Wombat Shoppable Images <= 1.2.3 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-2608
LOW
Multiple Page Generator Plugin <3.3.17 - CSRF leading to SQL Injection
CVSS 3.1
CVE-2023-2528
MEDIUM
Contact Form by Supsystic <= 1.7.24 - Cross-Site Request Forgery via AJAX Action Handler
CVSS 5.4
CVE-2023-2631
MEDIUM
Jenkins Code Dx Plugin <3.1.0 - SSRF
CVSS 4.3
CVE-2023-2195
MEDIUM
Jenkins Code Dx Plugin <3.1.0 - CSRF
CVSS 4.3
CVE-2023-33006
MEDIUM
Jenkins WSO2 Oauth Plugin < 1.0 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-33003
MEDIUM
Jenkins Tag Profiler Plugin < 0.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-32998
HIGH
Jenkins AppSpider Plugin <= 1.0.15 - Cross-Site Request Forgery via HTTP POST Request
CVSS 8.8
CVE-2023-32995
HIGH
Jenkins SAML Single Sign On Plugin < 2.0.0 - Cross-Site Request Forgery via Email API
CVSS 8.8
Details
Vulnerabilities
9,357
Exploit Likelihood
Medium