CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,357 vulnerabilities with CWE-352
CVE-2023-22686
MEDIUM
TriniTronic Nice PayPal Button Lite <= 1.3.5 - Cross-Site Request Forgery
CVSS 5.4
CVE-2023-29020
MEDIUM
fastify/passport < 1.1.0 - Cross-Site Request Forgery Protection Bypass via Session Fixation
CVSS 6.5
CVE-2023-2228
MEDIUM
modoboa < 2.1.0 - Cross-Site Request Forgery
CVSS 6.8
CVE-2023-30616
MEDIUM
Form Block < 1.0.2 - Cross-Site Request Forgery via Missing Nonce Check
CVSS 6.5
CVE-2023-27495
MEDIUM
@fastify/csrf-protection < 4.1.0 - CSRF Protection Bypass via Predictable userInfo Parameter
CVSS 5.3
CVE-2023-29213
CRITICAL
XWiki Platform < 13.10.11 - Authenticated Remote Code Execution via URL Expression Injection
CVSS 9.0
CVE-2023-30474
MEDIUM
Ultimate Noindex Nofollow Tool II <= 1.3 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-30529
MEDIUM
Jenkins Lucene-Search Plugin < 387.v938a_ecb_f7fe9 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-30525
HIGH
Jenkins Report Portal Plugin < 0.5 - Cross-Site Request Forgery
CVSS 8.8
CVE-2023-25411
MEDIUM
Aten PE8108 2.4.232 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-26845
MEDIUM
OpenCATS 0.9.7 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-27520
MEDIUM
Epson Printers Web Config - Cross-Site Request Forgery
CVSS 6.5
CVE-2023-1937
MEDIUM
My-Blog - Cross-Site Request Forgery via /admin/configurations/userInfo
CVSS 4.3
CVE-2023-1927
MEDIUM
WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via deleteCssAndJsCacheToolbar
CVSS 4.3
CVE-2023-1926
MEDIUM
WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via deleteCacheToolbar Function
CVSS 4.3
CVE-2023-1925
MEDIUM
WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via Cache Clear Function
CVSS 4.3
CVE-2023-1924
MEDIUM
WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via wpfc_toolbar_save_settings_callback
CVSS 4.3
CVE-2023-1923
MEDIUM
WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via CDN Integration AJAX Request
CVSS 4.3
CVE-2023-1922
MEDIUM
WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via wpfc_pause_cdn_integration_ajax_request_callback
CVSS 4.3
CVE-2023-1921
MEDIUM
WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via CDN Integration
CVSS 4.3
CVE-2023-1920
MEDIUM
WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via Varnish Cache Purge
CVSS 4.3
CVE-2023-1919
MEDIUM
WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via wpfc_preload_single_save_settings_callback
CVSS 4.3
CVE-2023-1918
MEDIUM
WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via wpfc_preload_single_callback
CVSS 4.3
CVE-2023-29008
HIGH
SvelteKit < 1.15.2 - Cross-Site Request Forgery via Uppercase Content-Type Header Bypass
CVSS 8.8
CVE-2023-23801
MEDIUM
HasThemes Really Simple Google Tag Manager <= 1.0.6 - Cross-Site Request Forgery
CVSS 4.3
Details
Vulnerabilities
9,357
Exploit Likelihood
Medium