CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,363 vulnerabilities with CWE-352
CVE-2022-38468
MEDIUM
Imagely WordPress Gallery Plugin <= 3.28 - CSRF
CVSS 4.3
CVE-2022-47612
MEDIUM
Participants Database <= 2.4.5 - Cross-Site Request Forgery via List Column Update
CVSS 4.3
CVE-2022-47179
MEDIUM
OWM Weather plugin <= 5.6.11 - CSRF
CVSS 4.3
CVE-2022-43459
MEDIUM
Captainform < 2.5.3 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-1607
MEDIUM
ABB Infinity DC Power Plant and NE843_S < 5.0.0 - Cross-Site Request Forgery
CVSS 4.6
CVE-2022-4386
MEDIUM
Intuitive Custom Post Order <3.1.4 - CSRF
CVSS 4.3
CVE-2022-48320
MEDIUM
Checkmk <= 2.1.0p17 and <= 2.0.0p31 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-47373
MEDIUM
Pandora FMS < 766 - Reflected Cross-Site Scripting via Username Parameter in Forget Password Functionality
CVSS 6.4
CVE-2022-47372
HIGH
Pandora FMS < 766 - Stored Cross-Site Scripting in Create Event Section
CVSS 7.6
CVE-2022-29557
HIGH
LexisNexis Firco Compliance Link 3.7 - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-46862
MEDIUM
ExpressTech Quiz And Survey Master <= 8.0.7 - CSRF
CVSS 4.3
CVE-2022-43469
MEDIUM
Orchestrated Corona Virus <1.7.0.6 - CSRF
CVSS 5.4
CVE-2022-4138
MEDIUM
GitLab < 15.6.7, 15.7-15.7.6, 15.8-15.8.1 - Cross-Site Request Forgery
CVSS 6.4
CVE-2022-41134
MEDIUM
Optinly < 1.0.16 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-34448
HIGH
Dell PowerPath Management Appliance 3.0-3.3 - Unauthenticated Cross-Site Request Forgery
CVSS 8.8
CVE-2022-3568
HIGH
ImageMagick Engine <1.7.5 - Open Redirect
CVSS 8.8
CVE-2022-41620
MEDIUM
SeoSamba for WordPress Webmasters <1.0.5 - CSRF
CVSS 5.4
CVE-2022-2933
MEDIUM
0mk Shortener <= 0.2 - Cross-Site Request Forgery via zeromk_options_page Function
CVSS 5.4
CVE-2022-27628
MEDIUM
WZone - Lite Version 3.1 Lite - Cross-Site Request Forgery
CVSS 4.7
CVE-2022-47132
HIGH
Academy LMS < 5.10 - Cross-Site Request Forgery to Add Administrator
CVSS 8.8
CVE-2022-47131
MEDIUM
Academy LMS < 5.10 - Cross-Site Request Forgery via Page Creation
CVSS 4.8
CVE-2022-47130
MEDIUM
Academy LMS < 5.10 - Authenticated Cross-Site Request Forgery via Discount Coupon Creation
CVSS 4.3
CVE-2022-46842
MEDIUM
JS Help Desk < 2.7.1 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-46815
MEDIUM
Lauri Karisola / WP Trio Conditional Shipping for WooCommerce <= 2....
CVSS 5.4
CVE-2022-45807
MEDIUM
WPVibes WP Mail Log <= 1.0.1 - Cross-Site Request Forgery
CVSS 5.4
Details
Vulnerabilities
9,363
Exploit Likelihood
Medium