CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,363 vulnerabilities with CWE-352
CVE-2022-47611
MEDIUM
Hover Image < 1.4.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-47183
MEDIUM
StylistWP Extra Block Design - CSRF
CVSS 5.4
CVE-2022-47167
MEDIUM
Aram Kocharyan Crayon Syntax Highlighter <= 2.8.4 - CSRF
CVSS 5.4
CVE-2022-45376
MEDIUM
XootiX Side Cart Woocommerce (Ajax) < 2.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-45079
MEDIUM
Loginizer <= 1.7.5 - Cross-Site Request Forgery
CVSS 4.7
CVE-2022-45076
MEDIUM
Flexible Elementor Panel <= 2.3.8 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-44739
MEDIUM
Quick Restaurant Reservations <= 1.5.4 - Cross-Site Request Forgery
CVSS 5.3
CVE-2022-41608
MEDIUM
Thomas Belser Asgaros Forum <= 2.2.0 - CSRF
CVSS 5.4
CVE-2022-47609
MEDIUM
Nicearma DNUI < 2.8.1 - Cross-Site Request Forgery
CVSS 6.3
CVE-2022-47142
MEDIUM
Plugincraft Mediamatic - Media Library Folders <= 2.8.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-47134
MEDIUM
Bill Erickson Gallery Metabox <1.5 - CSRF
CVSS 4.3
CVE-2022-45846
MEDIUM
Image Map Pro for WordPress - Interactive SVG Image Map Builder < 5.6.9 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-40724
MEDIUM
PingFederate 10.3.0-10.3.10 - Cross-Site Request Forgery via Local Identity Profiles Endpoint
CVSS 6.4
CVE-2022-45080
MEDIUM
KrishaWeb Add Multiple Marker <= 1.2 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-45074
MEDIUM
Activity Reactions For Buddypress <= 1.0.22 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-4944
MEDIUM
kodcloud kodexplorer < 4.49 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-46793
MEDIUM
AdTribes.Io Product Feed PRO for WooCommerce <= 12.4.4 - CSRF
CVSS 5.4
CVE-2022-4941
MEDIUM
WCFM Membership < 2.9.10 - Cross-Site Request Forgery via Missing Nonce Checks
CVSS 6.3
CVE-2022-4938
MEDIUM
WCFM Frontend Manager for WooCommerce <= 6.6.0 - Cross-Site Request Forgery via Missing Nonce Checks
CVSS 6.3
CVE-2022-4936
MEDIUM
WCFM Marketplace < 3.4.12 - Cross-Site Request Forgery via Missing Nonce Checks
CVSS 6.3
CVE-2022-41633
MEDIUM
PeepSo < 6.0.3.0 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-42447
CRITICAL
HCL Compass 2.0.0-2.0.2 - Cross-Origin Resource Sharing Misconfiguration
CVSS 9.6
CVE-2022-38077
MEDIUM
Popup Anything - A Marketing Popup and Lead Generation Conversions <= 2.2.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-30705
MEDIUM
Pankaj Jha WordPress Ping Optimizer <= 2.35.1.2.3 - CSRF
CVSS 5.4
CVE-2022-4148
MEDIUM
dash10 oauth_server < 4.3.0 - Authenticated Arbitrary Client Deletion via CSRF
CVSS 4.3
Details
Vulnerabilities
9,363
Exploit Likelihood
Medium