CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,363 vulnerabilities with CWE-352
CVE-2022-47165 MEDIUM
CoSchedule < 3.3.8 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-47161 MEDIUM
WordPress.Org community Health Check & Troubleshooting <1.5.1 - CSRF
CVSS 4.3
CVE-2022-47149 MEDIUM
Pretty Links <= 3.4.0 - CSRF
CVSS 4.3
CVE-2022-45367 MEDIUM
Custom Order Numbers for WooCommerce <= 1.4.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-47164 MEDIUM
MagePeople Team Event Manager & Tickets Selling Plugin <3.7.7 - CSRF
CVSS 4.3
CVE-2022-47159 MEDIUM
Logaster Logo Generator <1.3 - CSRF
CVSS 4.3
CVE-2022-47139 MEDIUM
WP Basic Elements <= 5.2.15 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-47138 MEDIUM
German Krutov LOGIN AND REGISTRATION ATTEMPTS LIMIT <2.1 - CSRF
CVSS 4.3
CVE-2022-47135 MEDIUM
Chronoengine Com Chronoforms <7.0.9 - CSRF
CVSS 4.3
CVE-2022-46866 MEDIUM
Marty Thornley Import External Images <= 1.4 - CSRF
CVSS 4.3
CVE-2022-46865 MEDIUM
Marty Thornley Bulk Resize Media <1.1 - CSRF
CVSS 4.3
CVE-2022-46812 MEDIUM
VillaTheme Thank You Page Customizer - CSRF
CVSS 4.3
CVE-2022-46800 MEDIUM
LiteSpeed Technologies LiteSpeed Cache <5.3 - CSRF
CVSS 5.4
CVE-2022-41635 MEDIUM
Zorem Advanced Shipment Tracking for WooCommerce <= 3.5.2 - CSRF
CVSS 4.3
CVE-2022-47448 MEDIUM
xili-tidy-tags <= 1.12.03 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-47447 MEDIUM
WordPress WP-Advanced-Search <= 3.3.8 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-47446 MEDIUM
Store Locator for WordPress with Google Maps - LotsOfLocales <= 3.98.7 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-47180 MEDIUM
Kopa Theme Kopa Framework <1.3.5 - CSRF
CVSS 4.3
CVE-2022-47152 MEDIUM
ClickFunnels <= 3.1.1 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-46816 MEDIUM
Booking Ultra Pro Appointments Booking Calendar Plugin <1.1.4 - CSRF
CVSS 4.3
CVE-2022-46794 MEDIUM
WooCommerce Weight Based Shipping <= 5.4.1 - CSRF
CVSS 4.3
CVE-2022-45364 MEDIUM
Drag and Drop Multiple File Upload - Contact Form 7 <= 1.3.6.5 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-46813 MEDIUM
Younes JFR - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-46853 MEDIUM
RadiusTheme The Post Grid <5.0.4 - CSRF
CVSS 4.3
CVE-2022-46851 MEDIUM
Brainstorm Force Starter Templates <3.1.20 - CSRF
CVSS 4.3
Details
Vulnerabilities 9,363
Exploit Likelihood Medium