CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,363 vulnerabilities with CWE-352
CVE-2022-45067
MEDIUM
Exclusive Addons for Elementor <= 2.6.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-44585
MEDIUM
Homepage Pop-up <= 1.2.5 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-40692
MEDIUM
Sunshine Photo Cart <= 2.9.13 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-36401
MEDIUM
TeraWallet - WooCommerce <= 1.3.24 - CSRF
CVSS 5.4
CVE-2022-32516
HIGH
Conext ComBox Firmware - Cross-Site Request Forgery via POST Request
CVSS 7.5
CVE-2022-4872
MEDIUM
Chained Products < 2.12.0 - Unauthenticated Missing Authorization
CVSS 4.3
CVE-2022-4553
MEDIUM
FL3R FeelBox < 8.1 - Cross-Site Request Forgery via Mood Reset Action
CVSS 4.3
CVE-2022-4552
MEDIUM
FL3R FeelBox < 8.1 - Cross-Site Request Forgery and Stored Cross-Site Scripting via Settings Update
CVSS 6.1
CVE-2022-43980
MEDIUM
Pandora FMS < 766 - Stored Cross-Site Scripting in Network Maps Editing
CVSS 5.2
CVE-2022-37719
HIGH
EdgeNexus Application Delivery Controller 4.2.8 - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-4548
MEDIUM
Optimize images ALT Text & names for SEO using AI < 2.0.8 - Cross-Site Request Forgery in Settings Update
CVSS 6.5
CVE-2022-47395
HIGH
Sewio Real-Time Location System Studio 2.0.0-2.6.2 - Cross-Site Request Forgery in Monitor Services
CVSS 8.1
CVE-2022-45127
HIGH
Sewio Real-Time Location System Studio 2.0.0-2.6.2 - Cross-Site Request Forgery in Backup Services
CVSS 8.1
CVE-2022-4621
HIGH
Panasonic Sanyo CCTV Network Cameras - CSRF
CVSS 7.5
CVE-2022-30544
MEDIUM
MiKa OSM - OpenStreetMap <= 6.0.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-43719
HIGH
Apache Superset < 1.5.2 and 2.0.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-46368
MEDIUM
Rumpus < 9.0.7.1 - Cross-Site Request Forgery
CVSS 6.8
CVE-2022-46367
MEDIUM
Rumpus - CSRF - Privilege Escalation
CVSS 6.8
CVE-2022-4707
MEDIUM
Royal Elementor Addons < 1.3.59 - Cross-Site Request Forgery via Mega Menu Template Creation
CVSS 4.3
CVE-2022-4103
MEDIUM
Royal Elementor Addons < 1.3.56 - Authenticated Missing Authorization for Template Creation
CVSS 4.3
CVE-2022-4102
LOW
Royal Elementor Addons < 1.3.56 - Authenticated Arbitrary Post Deletion via Template Deletion
CVSS 3.1
CVE-2022-42435
MEDIUM
IBM Business Automation Workflow 18.0.0-22.0.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-3911
HIGH
iubenda-cookie-law-solution < 3.3.3 - Authenticated Privilege Escalation via AJAX Action
CVSS 8.8
CVE-2022-4867
MEDIUM
froxlor/froxlor <2.0.0-beta1 - CSRF
CVSS 4.3
CVE-2022-4850
MEDIUM
memos < 0.9.1 - Cross-Site Request Forgery
CVSS 6.5
Details
Vulnerabilities
9,363
Exploit Likelihood
Medium