CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,363 vulnerabilities with CWE-352
CVE-2022-50804
HIGH
JM-DATA ONU JF511-TV <1.0.67 - CSRF
CVSS 8.8
CVE-2022-4363
MEDIUM
Wholesale Market <2.2.2 & Wholesale Market for WooCommerce <2.0.1 -...
CVSS 6.5
CVE-2022-47424
MEDIUM
ARMember and ARMember Premium < 4.0.6 and < 6.7.1 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-20853
HIGH
Cisco TelePresence Video Communication Server - Cross-Site Request Forgery via REST API
CVSS 7.4
CVE-2022-30357
HIGH
OvalEdge < 5.2.8 - Authenticated Account Takeover via Profile Update
CVSS 8.8
CVE-2022-45850
MEDIUM
Image Map Pro < 5.6.9 - Cross-Site Request Forgery Leading to Stored Cross-Site Scripting
CVSS 6.1
CVE-2022-45847
MEDIUM
WordPress Countdown Widget < 3.1.9.1 - Cross-Site Request Forgery Leading to Cross-Site Scripting
CVSS 6.1
CVE-2022-41990
HIGH
3D Tag Cloud < 3.8 - Stored Cross-Site Scripting via Cross-Site Request Forgery
CVSS 7.1
CVE-2022-3899
HIGH
3dprint < 3.5.6.9 - Cross-Site Request Forgery via Tiny File Manager
CVSS 8.1
CVE-2022-1760
MEDIUM
Core Control WordPress Plugin < 1.2.1 - Cross-Site Request Forgery in Settings Update
CVSS 4.3
CVE-2022-1618
MEDIUM
Coru LFMember < 1.0.2 - Cross-Site Request Forgery and Stored Cross-Site Scripting via Game Addition
CVSS 6.1
CVE-2022-1617
MEDIUM
WP-Invoice < 4.3.1 - Cross-Site Request Forgery and Stored Cross-Site Scripting via Settings Update
CVSS 6.1
CVE-2022-27488
HIGH
Fortinet Fortiai < 6.0.12 - CSRF
CVSS 8.3
CVE-2022-35638
MEDIUM
IBM Sterling B2B Integrator 6.0.0.0-6.0.3.8 and 6.1.0.0-6.1.2.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-47181
MEDIUM
wpexpertsio Email Templates Customizer - CSRF
CVSS 4.3
CVE-2022-2441
HIGH
ImageMagick Engine < 1.7.5 - Unauthenticated Remote Code Execution via cli_path Parameter
CVSS 8.8
CVE-2022-47175
MEDIUM
P Royal Royal Elementor Addons and Templates <1.3.75 - CSRF
CVSS 4.3
CVE-2022-46841
MEDIUM
Soflyy Oxygen Builder <= 4.4 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-47559
HIGH
Ormazabal ekorRCI and ekorCCP Firmware - Cross-Site Request Forgery
CVSS 8.6
CVE-2022-43710
HIGH
GX Software XperienCentral <10.33.0 - CSRF
CVSS 8.8
CVE-2022-30280
HIGH
Nokia NetAct 22 - Cross-Site Request Forgery in User Creation
CVSS 8.8
CVE-2022-47169
MEDIUM
StaxWP Visibility Logic for Elementor <2.3.4 - CSRF
CVSS 4.3
CVE-2022-46857
MEDIUM
SiteAlert < 1.9.7 - Cross-Site Request Forgery
CVSS 6.5
CVE-2022-45828
MEDIUM
NooTheme Noo Timetable <= 2.1.3 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-38062
MEDIUM
Metagauss Download Theme <1.0.9 - CSRF
CVSS 4.3
Details
Vulnerabilities
9,363
Exploit Likelihood
Medium