CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,363 vulnerabilities with CWE-352
CVE-2022-36424 MEDIUM
Nikola Loncar Easy Appointments <3.11.9 - CSRF
CVSS 4.3
CVE-2022-47172 MEDIUM
HasThemes ShopLentor <= 2.6.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-29561 HIGH
Siemens RUGGEDCOM ROX Firmware < 2.16.0 - Cross-Site Request Forgery
CVSS 7.5
CVE-2022-45823 MEDIUM
GalleryPlugins Video Contest WordPress Plugin <= 3.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-3372 HIGH
Riello UPS Netman-204 02.05 - Cross-Site Request Forgery via Password Change
CVSS 8.8
CVE-2022-42880 MEDIUM
Auto Upload Images <= 3.3 - Cross-Site Request Forgery Leading to Stored Cross-Site Scripting
CVSS 6.1
CVE-2022-36250 HIGH
Shop Beat Media Player <3.2.57 - CSRF
CVSS 8.8
CVE-2022-45372 MEDIUM
Product Gallery Slider for WooCommerce <= 2.2.8 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-33974 MEDIUM
Smash Balloon Custom Twitter Feeds <1.8.4 - CSRF
CVSS 5.4
CVE-2022-36345 MEDIUM
Metagauss Download Plugin <= 2.0.4 - CSRF
CVSS 4.3
CVE-2022-47174 MEDIUM
WordPress Performance Team Performance Lab <2.2.0 - CSRF
CVSS 4.3
CVE-2022-47178 MEDIUM
Simple Share Buttons Adder <= 8.4.7 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-47144 MEDIUM
Mediamatic - Media Library Folders <= 2.8.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-47136 MEDIUM
WPManageNinja LLC Ninja Tables - CSRF
CVSS 4.3
CVE-2022-46856 MEDIUM
ORION Woocommerce Products Designer <4.3.3 - CSRF
CVSS 5.4
CVE-2022-46820 MEDIUM
WPJoli Joli Table Of Contents <1.3.9 - CSRF
CVSS 5.4
CVE-2022-46814 MEDIUM
Pierre Lebedel Kodex Posts likes < 2.4.3 - CSRF
CVSS 4.3
CVE-2022-46810 MEDIUM
VillaTheme Thank You Page Customizer - CSRF
CVSS 4.3
CVE-2022-45815 MEDIUM
StylemixThemes GDPR Compliance & Cookie Consent <= 1.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-45371 MEDIUM
Wpmet ShopEngine <= 4.1.1 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-43490 MEDIUM
XWP Stream <= 3.9.2 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-41987 MEDIUM
BadgeOS <= 3.7.1.6 - Cross-Site Request Forgery
CVSS 6.3
CVE-2022-38716 MEDIUM
StylemixThemes Motors - Car Dealer, Classifieds & Listing <1.4.4 - ...
CVSS 5.4
CVE-2022-38356 MEDIUM
StylemixThemes WordPress Header Builder Plugin - CSRF
CVSS 5.4
CVE-2022-47177 MEDIUM
WP EasyPay - Square for WordPress <= 4.1 - Cross-Site Request Forgery
CVSS 4.3
Details
Vulnerabilities 9,363
Exploit Likelihood Medium